Filip Boyen: 'General managers don't take cybersecurity seriously'

General managers don’t take cybersecurity seriously enough, the former chief executive of Forbes Travel Guide has warned.

Speaking at Aspire’s Leaders of Luxury conference at BAFTA in London yesterday (14 June), Filip Boyen said the public only heard about cybersecurity “when Marriott or Four Seasons get hacked, because [their stocks] are publicly traded”.

Marriott International was fined £18.4m by the Information Commissioner’s Office (ICO) in October 2020 following a hack of its Starwood customer database in 2014, which was estimated to have compromised 339m million guest records.

Boyen, who is now global ambassador for Forbes Travel Guide and was formerly chief operating officer at Belmond and chief executive of Small Luxury Hotels of the World, said there were “hundreds of incidents with private hotels we never hear about”.

“The problem is GMs don’t take [cybersecurity] very seriously. They say it’s an IT problem until it happens,” he added.

Boyen said reputational damage and guests’ data “going haywire” were just some of the risks posed by a breach in cybersecurity.

He advised staff to be “discreet” so they could build trust with clients and maintain a “professional and respectful environment for all” when systems were hacked.

It comes after hoteliers were urged to take extra care when verifying bookings from Booking.com following a rise in fake reservations being made through the website earlier this month.

In September 2022, IHG, which owns 18 hotel brands, including Holiday Inn, Hotel Indigo and Crowne Plaza, reported “unauthorised activity” in its technology systems which resulted in severe disruptions to its booking channels.