The future of the travel & tourism industry will be shaped by a range of disruptive themes, with cybersecurity being one of the themes that will have a significant impact on rail and road transport companies. A detailed analysis of the theme, insights into the leading companies, and their thematic and valuation scorecards are included in GlobalData’s thematic research report,Cybersecurity in Travel and Tourism – Thematic Research.  Buy the report here.

Smarter leaders trust GlobalData

Cybersecurity is the body of technologies, processes, and practices designed to protect networks, computers, programmes, and electronic data from attack. The travel and tourism industry is highly exposed to attacks due to the wealth of personal data it stores.  


Cybercriminals are attracted to this wealth of sensitive, personal data that the travel industry holds on every traveller. If these data points are not well protected, there are significant risks for the customers, who could have their data stolen. Such breaches can damage a company’s reputation. Several high-profile companies within the sector have made negative headlines due to poor cybersecurity. Cybercriminals exploit the vulnerabilities within a cybersecurity strategy, so a rigorous approach is central to effective risk management. To tackle cyber threats, a company’s cybersecurity strategy must involve contingency planning, outlining immediate actions, post-breach responses, and an understanding of the company’s current cyber risks.  

The travel and tourism sector is becoming increasingly digitalised, embracing emerging technologies such as artificial intelligence (AI), the Internet of Things (IoT), and cloud. As the digital ecosystems of companies grow, they become more vulnerable to cyberattacks. The industry is fragmented, with direct suppliers sharing data with third-party intermediaries, increasing the number of potential entry points for attackers to exploit. Data is most secure when all companies across the travel and tourism value chain invest in all layers of the cybersecurity value chain. Collaboration is vital, and companies must ensure that all of their vendors also have suitable measures in place. It takes only one vulnerable device to compromise an entire network, impacting the reputation of a business and damaging both the companies they work with and customers’ security. 

However, not all companies are equal when it comes to their capabilities and investments in the key themes that matter most to their industry. Understanding how companies are positioned and ranked in the most important themes can be a key leading indicator of their future earnings potential and relative competitive position.  

According to GlobalData’s thematic research report, Cybersecurity in Travel & Tourism, leading adopters include: Avis, Budget Group, SNCF Group, Deutsche Bahn, Flix, East Japan Railway Company, Stagecoach Group, Indian Railways, Enterprise Holdings, National Express and FirstGroup

Insight from a top ranked company 

East Japan Railway Company  

The East Japan Railway Group (JR East) offers a series of train routes across Japan for both domestic and international tourists. The company continues to take measures to ensure security, including continuously upgrading the functions of in-house systems and training related personnel. In its 2021 integrated report, JR East outlined its introduction of an information security management system led by its CISO. This included promoting measures such as an in-depth defence with many security measures, a system that detects threats and responds to attacks, and upgrades to the software to ensure that vulnerabilities are spotted. It also emphasised its commitment to improving employee awareness. 

To further understand the key themes and technologies disrupting the travel & tourism industry, access GlobalData’s latest thematic research report on Cybersecurity in Travel & Tourism.   

Premium Insights


The gold standard of business intelligence.

Blending expert knowledge with cutting-edge technology, GlobalData’s unrivalled proprietary data will enable you to decode what’s happening in your market. You can make better informed decisions and gain a future-proof advantage over your competitors.

Frequently asked questions

  • 1. Why are Travel & Tourism companies investing in cybersecurity?

    Travel & Tourism companies are investing in cybersecurity to protect their customers' personal data and prevent cyberattacks. The industry is highly susceptible to cyberattacks due to the large amount of personal data collected during bookings and the high dependence on IT systems. Cybersecurity investment helps companies maintain a secure environment and protect their reputation.

  • 2. How do cyberattacks impact the Travel & Tourism industry?

    Cyberattacks can have a significant impact on the Travel & Tourism industry, causing reputational damage and financial losses. The industry holds valuable personal data on every traveler, making it an attractive target for cybercriminals. Cyberattacks can disrupt operations, cause flight cancellations, and lead to data breaches, resulting in loss of customer trust and revenue.

  • 3. Which Travel & Tourism companies are leaders in cybersecurity adoption?

    Accor, Air Canada, Booking Holdings, Despegar, JR East Group, LATAM Airlines, Melia Hotels International, Southwest Airlines, United Airlines, and Qatar Airways are leaders in cybersecurity adoption in the Travel & Tourism industry.

  • 4. Who are the leading vendors of cybersecurity to the Travel & Tourism industry?

    Ekran Systems, F-Secure, ITSEC Group, TitanHQ, and VigiTrust are the leading vendors of cybersecurity to the Travel & Tourism industry.

  • 5. How does increased investment in cybersecurity benefit Travel & Tourism companies?

    Increased investment in cybersecurity benefits Travel & Tourism companies by protecting their customers' personal data, preventing cyberattacks, and maintaining a secure environment. It also helps companies avoid reputational damage and financial losses, and build customer trust.

  • 6. What are the challenges with adoption of cybersecurity in Travel & Tourism?

    The challenges with adoption of cybersecurity in Travel & Tourism include the high dependence on IT systems, the large amount of personal data collected, and the variety of entry points across the business. The industry is also constantly evolving, making it difficult to keep up with new technologies and stay ahead of cyberattackers.

  • 7. What is the projected market size of cybersecurity in Travel & Tourism?

    GlobalData forecasts that all three components of cybersecurity spending will grow in revenue between 2021 and 2025, with software generating the highest revenue and growing at a compound annual growth rate (CAGR) of 13.7% to reach $1 billion in 2025. Revenues from cybersecurity hardware and services will also continue to rise, growing at CAGRs of 10.2% and 5.2%, respectively.

  • 8. Who are the leading specialist cybersecurity vendors in Travel & Tourism?

    Ekran Systems, F-Secure, ITSEC Group, TitanHQ, and VigiTrust are the leading specialist cybersecurity vendors in Travel & Tourism.

  • 9. What are the components of the cybersecurity value chain?

    The components of the cybersecurity value chain include hardware, software, and services such as unified threat management, vulnerability management, application security, managed security services, risk and compliance services, post-breach response services, chip-based security, identity management, data security, email security, network security, threat detection and response, cloud security, and endpoint security.


GlobalData, the leading provider of industry intelligence, provided the underlying data, research, and analysis used to produce this article.

GlobalData’s Thematic Scorecard ranks companies within a sector based on their overall leadership in the 10 themes that matter most to their industry, generating a leading indicator of their future earnings and relative position within key strategic areas.