Travel companies should use a combination of solutions to protect themselves from cyber crime, including staff training, antivirus software and “phrase” passwords, according to a cyber security expert.
Speaking at the Aito Overseas Conference in Evora, Portugal, Stephen Hall, managing consultant in governance, risk and compliance, Acuity Group, said there was “no such thing as 100% protection” against cyber attacks such as ransomware or phishing.
He said: “Cyber security is about a combination of solutions rather than a single fix. A lot of it comes down to security awareness – reputational damage can destroy a business over time.”
He added: “One of the biggest risks is people in the organisation and what they can cause accidentally or deliberately. In most cases it’s an accident, when someone clicks on a link they shouldn’t and this results in a ransomware or phishing attack.”
Solutions include educating staff on how to make cyber attacks less likely, keeping software up to date, putting robust antivirus software, using techniques such as “sandboxing”, where emails are put into a “closed space” and checked for a virus before they are passed on to read, and making passwords harder to crack.
Hall suggested using phrases instead of words with a combination of characters, such as, ‘I_love_Dubai1’.
“We know corporate email addresses have got into fraudsters hands. Cracking passwords is just a matter of time; if you are using a common word password it takes about 3 seconds to crack, just going to ten characters means it can take two years,” he said.