itb-au logo
Story image

Marriott, British Airways fines highlight critical need for security investment

12 Jul 2019

The last week has brought heavy fines against the likes of global hotel chain Marriott and airline British Airways, casting a harsh spotlight on the price of cyber attacks.

According to analyst firm GlobalData, many organisations are still ‘considering’ cybersecurity investment, rather than taking steps to implement it.

''In a survey conducted by GlobalData, 37% of respondents stated that their companies were making a ''major investment'' into cybersecurity technologies now. A further 43% said they would be doing so in the next three years,” comments Globaldata’s head of R&A, travel and tourism, Nick Wyatt.

''37% is encouraging but over 40% are still delaying investment despite last year's large-scale breaches at Marriott and British Airways showing that measures are often not yet robust enough."

The consequences of ignoring cybersecurity investment are costly. The United Kingdom’s Information Commissioner’s Office (ICO) handed out fines of £183.39 million to British airways, and £99.2 million to Marriott.

Wyatt notes that the authorities is serios about using its powers and penalising organisations for breaches.

“The message is clear: get serious about cybersecurity or face the consequences. So if you're planning to invest heavily in cybersecurity, why wait?”

''The consequences are clearly significant in financial terms, but there is also a somewhat intangible reputational impact. Consumers' faith in companies can be shaken, particularly in the travel and tourism industry, where companies have a duty of care to look after highly sensitive personal data such as that contained within passports.”

In 2018 GlobalData forecast that investment on cybersecurity will increase to beyond US$140 billion by 2021, equating to a compound annual growth rate of 6%.

"These fines must serve as a wake-up call for other companies, many of whom are still highly vulnerable to cyber attacks themselves. These companies need to act now and ensure that they are harnessing the latest technologies to protect their customers' personal data.”

GlobalData notes that there are several key cybersecurity investment areas. These include network security, unified threat management, artificial intelligence, behavioural analytics, SIEM, endpoint security, mobile security, identity management, data security, application security, email security, cloud security, managed security services, post-breach consultancy services.

‘‘Traditionally, most companies have adopted a prevention-based approach to cybersecurity, but recent advances in technology areas like machine learning are enabling a move towards active detection of threats,” comments GlobalData thematic research head Cyrus Mewawalla. 

“This allows pre-emptive action to be taken to stop breaches before they occur and also serves to free up resources currently occupied with chasing false positives from existing, more reactive systems.”

Story image
Case study: MECCA has HCM makeover with Workday
The phased HCM makeover began in 2017, when the company made the decision to launch a three to five-year program to digitalise its human capital management technology so that it could simplify everyday requirements for its team members and enable them to self-serve. More
Story image
Google & Lenovo launch first meeting room kits for Google Meet
Google Meet Series One meeting room kits are engineered for hybrid working environments, such as those in the office and in remote locationsMore
Story image
Analysis: Why, how and when to move to the cloud
In this era of the enterprise, cloud is the mother of business reinvention. But there are some critical considerations to ponder before the move is made.More
Link image
Revealed: A competitive assessment of colocation vendors
Interconnection plus colocation is essential to remove the distance between users, cloud services, ecosystem partners and customers for higher performance and lower network latency. Here is an assessment of 9More
Story image
IBM, Alphabet and well-funded startups in the race for quantum supremacy
"It may not come as a surprise that quantum computing one day replaces artificial intelligence as the mainstream technology to help industries tackle problems they never would have attempted to solve before.”More
Story image
Jamf extends Microsoft collaboration with iOS Device Compliance
Organisations will soon be able to use Jamf for Apple ecosystem management while using Azure Active Directory and Microsoft Endpoint manager to maintain conditional access.More