It’s that time of year again: the holidays are among us. Soon, millions of us will be on the road and in the air, on our way to visit friends and relatives to celebrate the season (or perhaps to get away from it all). Whatever the reason, holiday travel can be stressful and hectic. The last thing any holiday traveler needs to worry about is a data breach.
Few of us think about it, but so many aspects of modern travel leave us exposed to cyberthreats – and that’s especially true during the holidays. From the moment we go online to book a trip until we return safely home, we touch a lot of things that carry potential security perils. While the primary culprits are criminal hackers, what has enabled them is a travel industry that has been slow to fully embrace application security. The result has been a rash of data breaches that have affected millions of travelers.
Travel booking sites
Airports
Airlines
Ridesharing apps
Hotels
What Can Be Done
It’s no wonder that the travel industry has become a top target for hackers over the years, as travel companies routinely handle personal information for millions of customers around the world. Naturally, hackers are drawn to all that data.
But travel companies share in the blame because they have made themselves vulnerable. They’ve been quick to take advantage of technology to enhance user experience and improve internal processes, but slow to embrace the level of security needed to protect those systems. Mobile apps have made life easier for millions of travelers, yet they’ve also introduced new cyber risks that travel companies have been ill-prepared to handle.
In fact, according to WhiteHat Security’s 2019 State of Application Security report, more than one-third of all applications in the transportation industry are always vulnerable.
Every travel company that touches sensitive customer data needs to take a more proactive approach to application security. All software assets – mobile, web-based or APIs – need to be thoroughly tested throughout their development lifecycle. Development and security teams need to collaborate and be well-aligned in order to understand risks and how to mitigate them.
It’s unlikely that our travel activity will ever be completely immune to cyberthreats. But if travel companies take the needed steps to improve application security and travelers remain aware of threats and use common sense to protect their information, then we can all rest a little easier and enjoy the holidays a little more.