Leisure Industry Tempting Target for Cyber Pirates: Willis

By | August 2, 2011

The hospitality industry is a tempting target for an increasing number of cyber attacks.

The vast quantities of personal, identifiable information collected by the leisure and hospitality industry puts the industry at greater risk for cyber attacks, according to Willis Group Holdings. Willis’ Cyber Risk Unit reports that cyber-related insurance claims have spiked by 56 percent over the past year alone, with an increasing proportion of victims in the hospitality industry.

Citing a recent survey, the Willis Summer 2011 Leisure Newsletter warns that hotels, resorts, tour companies, and other leisure and entertainment providers are increasingly vulnerable to hackers seeking to steal personal information. The Newsletter highlights the major risks posed by the deluge of personal data and advises companies how to protect themselves against cyber crime.

The Ponemon Institute, a U.S.-based information technology think tank, estimates that the costs of recovering from a cyber attack – including costs associated with notifying customers and implementing credit monitoring software to help ensure victims’ credit records are not compromised by the misuse of stolen data – typically range anywhere between $100,000 to $1 million. However, Willis warns that some of the largest breaches can cost in excess of $100 million. More stringent data protection legislation coming into force will only further increase companies’ financial exposure to cyber crime, both in terms of liabilities to banks and individuals, and reputational damage.

The main culprits of data breaches include rogue employees, malicious attacks, and innocent mistakes made by outsourcing firms employed to manage customer data.

“Hackers are getting ever more sophisticated, penetrating firewalls to drain corporate databases of their customers’ personal details, including credit card numbers when not encrypted, medical histories and other personal information,” said Laurie Fraser, global markets leisure practice leader for Willis. “This year has already seen at least three high profile cyber crime cases where security breaches triggered public outrage and panic over identity theft and fraud. The incidents badly bruised the reputations of popular consumer brands, as well as exposed firms to a host of increased costs as well as potential liabilities.”

Businesses such as those in the hospitality industry hold substantial volumes of personal, identifiable data are irresistible to web-based pirates, says Jeremy Smith, practice leader of Willis’ London cyber team.

In response, Smith said that cyber liability insurance, which has existed for about 10 years, is evolving to reflect the current environment, helping companies to transfer the risks and costs of data loss and cyber piracy.

“Willis is working closely with the insurance industry to stress test existing policies’ ability to address the nature of cyber crime and develop exclusive wordings that assist in the transfer of these risks,” he said.

Recent advances in coverage include the introduction of identity theft solutions and Payment Card Industry fines coverage, which helps to protect companies from penalties linked to the mismanagement of credit card data, Smith said.

Source: Willis Group Holdings

About Andrea Wells

Andrea Wells is a veteran insurance editor and Editor-in-Chief of Insurance Journal Magazine. More from Andrea Wells

Was this article valuable?

Here are more articles you may enjoy.