British Airways is facing a record fine of £183m for last year’s security breach. Nick Wyatt, Head of R&A, Travel & Tourism at GlobalData, a leading data and analytics company, offers his view on what this means for other companies:
“We’ve been saying for a long time that companies in the travel & tourism sector need to get serious about cybersecurity and this perfectly illustrates why.
“The Information Commissioner’s Office’s (ICO) strict enforcement of the new rules will have sent a huge shiver down the spine of many a CEO as it demonstrates the ever-present threat of a large financial penalty for any company holding customer data.
“The size of BA’s fine must serve as a wake-up call for other companies, many of whom are still highly vulnerable to cyberattacks themselves. These companies need to act now and ensure that they are harnessing the latest technologies to protect their customers’ personal data.
“The action against BA announced today will have sent out a ‘nobody’s immune from punishment’ message and companies must sit up and start to treat cybersecurity measures with the respect they warrant.
“£183 million is a record fine and represents 1.5% of the company’s annual turnover. However, new GDPR laws permit fines of up to 4%, so it could have been worse, especially when you consider that the details of about 500,000 customers were harvested in the attack.”