Cyber Security Applications in the Modern Tourism Industry

The main objective of the study is to demonstrate the importance of cyber security in the applications of the modern tourism industry, and to study the most important safe practices in the preservation of digital databases in all aspects of the modern tourism industry, including airlines, travel & tourism offices, and facilities of hospitality. It aims to enhance the security of the electronic information policy, both Descriptive and Spatial, securing digital networks, and providing possible tools and means for the sustainable preservation of digital databases, in order to achieve all the competitive and comparative advantages of all parties to the modern tourism industry, through helping decision makers to understand the importance of adopting cybersecurity in all inputs of the tourism and hospitality industry in the current century, in light of the enormous expansion in the concepts of smart tourism. The study found out the importance of cybersecurity along with physical security in tourism, which is the most important key in the process of development, marketing and management of tourist sites at the time being.


Introduction
For many years now, cyber security has been a source of concern for many government institutions and the banking sector in securing databases against cyber-attacks and the resulting crimes. As far as the tourism and travel sector is concerned, the concept of cyber security has recently become a major challenge in the growth of global tourism and travel, especially with the spread of smart tourism, and its enormous expansion in the current century in the electronic booking systems, and in all aspects of the tourism industry, represented by the airline sector, the travel and tourism offices, and hospitality institutions (Burns& Roberts, 2013;Karajeh & Maqableh, 2014;Al-Hussein et al, 2015;Khwaldeh et al., 2017;Alananzeh et al,2018;).
The World Tourism Organization (WTO) celebrates World Tourism Day on 27 September each year. The theme of 2018 was "Tourism and Digital Transformation".; to highlight the importance of technological developments and innovations in the continuity and increasing sustainability in the tourism sector at the international level, and the need for more investment in digital technology, leading to the formation of a tourism environment characterized by leadership, creativity and innovation in the development of the tourism sector. The competitiveness of the sector, investment, development, and marketing depend directly on the development of digital tourism, which poses a challenge in trying to align the development of smart tourism within the requirements of the transformation of the current era, and to put an end to cyber-attacks.
The year 2019 witnessed a clear and strong trend in introducing the concept of cyber security in all aspects of the modern tourism industry at the international level, especially in developing countries. Therefore, the tourism industry is one of the most developed and growing economic sectors in the field of e-commerce, compared to other economic sectors, where statistics from the World Tourism Organization WTO for 2018 showed that 76% of the total travelers in Britain make tourist booking through the Internet, 88% of US travelers use the Internet to make hotel reservations, and 90% on flights (Al-Omari et al,2015;Subba Rao ,et al,1997;Ahmad et al,2012).
Achieving cyber security in the tourism and hospitality industry is subject to a number of controls that seek to provide optimal requirements, standards and practices to minimize cyber threats to tourist databases across the tourism industry, requiring the protection of digital databases by providing a number of controls based on the confidentiality and integrity of information in tourist databases, as illustrated in Figure 1.
requires tourism establishments develop their systems and capabilities to cope with the rapid changes in digital technology.
A number of studies addressed the challenges and cyber risks in the hospitality industry, notably the study of (Beck et al, 2019), where the researcher divided these challenges into five sections; identity theft and fraud, data violations and theft especially credit cards, in addition to cyber-attacks on Hotel Wi-Fi networks, and access to personal information for guests. Other sections of threats tackle the lack of audit courses in the field of hotel security, especially in tourist facilities in the Middle East and South Asia. The study of (Bazazo et al, 2017b;Masa'deh et al,2020), addressed cyber security and its importance in developing tourism in India. The study found that tourism relies directly on the application of cyber security concepts in all sectors of India's tourism and hospitality industry.
The previous discussion of the study literature indicates that the applications of cyber security in the modern tourism industry is an important element in the development of safe tourism at the international level, as these literature sought a number of drawbacks resulting from the lack of understanding and integrating cyber security in all aspects of the development of modern tourism, This study is a continuation of previous studies, in an attempt to reveal the relationship between tourism security and cyber security, through the holistic approach of all elements of the topic referred to (Jawabreh,2017;Klimburg,2012;Jawabreh& Alrabei,2012;Korstanje,2018;Jawabrehet al,2012a;João,2016;Lok ,2015;Jawabreh et al,2012b;Khaleefah et al,2018;Rumman,2014;Saleh et al,2018).
New patterns of security have emerged in tourism, which are not limited to physical security, especially in light of the steady expansion of the growth of international tourism. This has led to the emergence of very dangerous patterns of digital attacks, which have been universally agreed to be called cyber-attacks. They aim to disrupt vital services in all aspects of modern tourism industry, as well as to deploy malicious software and viruses to sabotage communications' infrastructure, and control systems of tourist databases, especially in important tourist facilities: airlines , tourist offices and hotels through several channels including optical networks, mobile memory, in addition to other common channels, such as: e-mail, social networking sites, which negatively and significantly affect the performance of these institutions, many studies have indicated that these institutions are not immune to cyber-attacks even if they are not connected to the Internet.

Objectives of the study
The present study aims to diagnose and study the impact of cyber security, and the extent of this impact on the size, trends and growth of tourism at the international level, by showing the most important applications of cyber security in the modern tourism industry. This study also seeks to identify the following objectives: 1 . Promoting and upgrading digital tourism cyber security in all sectors of communications and information technology in the modern tourism industry . 2 . Demonstrating the relationship between cyber security and the competitiveness and the relativeness of hotel and tourist facilities. 3. Identifying the most prominent technical, procedural and functional means in the face of cyber-attacks and promoting the policy of information security in the modern tourism industry.

The Problem of the Study:
The tourism industry in the 21st century has witnessed a rapid and remarkable development as one of the most important global economic sectors in supporting the economies of the countries. This growth is represented in the increasing use of digital technology in the development of smart tourism, which has become the prevailing and dominant feature of the tourism sector, as many international reports have pointed out. This poses many problems and challenges for all parts of the tourism industry towards digital transformation, obtaining a higher market share and achieving comparative and competitive advantages, with the aim of achieving sustainability in its tourism growth, which has led to more challenges of cyber-attacks in various forms. These challenges threaten the survival and continuity of tourist and hotel establishments in performing their business to the fullest.
Researchers addressed the concept of cyber security and its applications in various fields, including industrial, military and economic, since the early part of the current century. But in the field of tourism many international organizations interested in tourism began recently to introduce the concepts of cyber security in the tourism industry, and focus on this important scientific aspect. Studies have focused on the concept of physical security for a long time, taking into account the security of tourists and tourist sites, without focusing directly on cyber security. The fundamental scientific issue that this study is trying to address in a holistic and complementary manner is identifying the most important applications of cyber security in all the aspects to the tourism industry .
In light of the above, the study attempts to answer the following questions : 1 . Why is cyber security so important in the competitiveness of tourist destination? 2 . What techniques and tools are currently used to protect the descriptive and spatial databases used in modern tourism industry? 3 . What are the current threats to the security of digital database networks in the tourism sector? 4 . What international standards should be followed to achieve cyber security in the modern tourism industry ? 5. What is the difference between physical security and cyber security in the modern tourism industry?

Methodology of the study
This study is one of the exploratory studies that seek to demonstrate a new concept at the international level in general, and the tourism sector in particular in light of the rapid development of the volume of growth of digital technologies. So the study relied on a number of scientific methods and means in addressing the subject, which is the use of analytical descriptive approach, with the aim of diagnosing the digital reality of the international tourism sector, and the main threats facing the complete transformation of all parts of the tourism industry towards intelligent transformation, focusing on the method of collecting data from international reports issued by a number of cyber security organizations. Using the chronological method was emphasized to identify the evolution of cyber security applications over multiple time stages, and the comparative approach was used to analyze the nature of the relationship between physical security and cyber security in modern tourism industry applications. .

Cyber security applications in the modern tourism industry:
Cyber security in tourism can be defined as information security as well as spatial and descriptive databases' security through the cyber space from any illegal entry. Which lead to changing the construction and structure of digital tourism reservation systems, the data of tourist and hotel establishments, their communication's systems, and communications infrastructure among all parties of modern tourism industry? Enhancing cyber security in tourism and hospitality industry includes a number of controls in tourism databases' management, the management of access and authorities' identities, the protection of systems and information processing software, depending on the management of network security from cyber risks, processing and management of backups, and management of security gabs; these gabs are likely to be exploited by cyber-attacks. Cyber security objectives in modern tourism industry include a number of areas: 1 . Taking all necessary measures to protect tourists and tourist establishments (hotels, airports, airlines, maritime and land lines, tourist offices) from potential risks in various Internet uses. 2 . Promoting and protecting the confidentiality and privacy of data for tourists, within the digital databases of airlines, hotels and tourist offices. 3 . Promoting and protecting the operational programs and the data contained therein concerning the marketing of tourist sites and tourist establishments with the aim of preventing any access or entry in violation of the laws. 4. Protecting telecommunication and information networks, computer and embedded systems, with the aim of reaching a holistic cyber security.

Cyber security applications in human resources management in the tourism sector:
Human resources are the backbone and the most important element in the development of the tourism industry. Applying cyber security requirements in this aspect is very important through a number of procedures, including: clearly indicating in career contracts to maintain the confidentiality and security of information during and after the end of the employee's relationship with The tourism company, in addition to conducting security survey, obtaining security clearances (Screening or Vetting), and focusing on raising employees' awareness of the importance of cyber security in the preservation of tourist databases, through providing them with training courses periodically and sustainably to keep up with the latest technical developments in the field of tourism and hospitality industry. Raising awareness of the staff in cyber security concepts helps significantly in the fight against cybercrime, through the existence of legislations governing their relationship.

Cyber security applications in hospitality management:
It is worth mentioning that one of the most important requirements for achieving cyber security in hospitality institutions is the modernization of hotels' digital software on an ongoing and sustainable basis, especially in relation to hotel reservation systems (Alsarayreh et al, 2010). This can be achieved through relying on software for the protection of digital databases, which operate according to the Cyber security system, with the aim of identifying internal and external threats, and identifying and classifying the degree of risk in the IT environment on hotel reservation system servers in a way that includes a number of important topics: 1 . Defining roles and responsibilities within hotel establishments in relation to managing cyber risks in case of emergencies and crises. 2 . Maintaining the privacy of the data of the guests. 3 . Networking and cooperation with all parties of the tourism industry and security authorities at the regional and global level to face cyber threats, by signing joint cooperation agreements to address cyber threats. Examples of cyber-attacks and data hacking of hotels and guests include the Butlmsr group which has been exposed to cyber-attacks, accessing 34,000 guest databases, hacking their names, addresses, phone numbers and e-mail addresses. Another example is dixonsrdComphone Global Group in 2018. The number of accounts threatened by cyber-attacks was 10 million, indicating an increase compared to 2017, when the number of threatened accounts was 8.2 million. The most prominent attacks were cyber piracy of personal data. Attackers have identified the details of electronic payment cards for more than 5.4 million people. In addition, in 2015,"The Hilton" noted that its data, particularly electronic payment systems, were exposed to several cyberattacks (Beck et al,2019;Coca-Stefaniak& Morrison, 2018;Qeed et al,2010;Jawabreh et al,2017b;Bazazo et al,2017c;Soni et al,2017;Bazazo et al,2017d;Gcaza et al,2017) Cyber security applications are used in many areas of the hospitality industry, including: improving guest services, food and beverage management, database management for sales systems, front-end services, accounting services, as well as procurement and storage services as illustrated in figure 2 .

Figure 2. Cyber Security (IT) can improve Almost all areas of hospitality indusry
Many hotels do not directly declare the dangers of cyber-attacks on their technological systems because of their fear of being prosecuted by hotel guests, in addition to being a service organization that seeks to maintain its reputation and image for a higher market share.
Cyber security applications in the management of travel and tourism offices: The 2019 ICEAM International Report refers to the study by Beck et al,2019, a specialist in the field of cyber tourism security, who analyzed all digital data available online for the Truss Cad Group and accessed to sensitive digital systems for private databases, email addresses, personal bookings for tourists, details of return and departure trips, and all other details between 2013 and 2018. He was able to carry out cyber-attacks by identifying all the previous details using a number of software that allow data recovery through Spice, Hughes &Moscardo,2019. The researcher communicated with the group of companies, with the aim of correcting flaws, protecting databases from cyber-attacks, and fixing all loopholes.
Another example is that in February 2017, APTB British, one of the UK's largest travel and tourism organizations, was exposed to cyber-attacks on its technical systems, revealing details of travel bookings of up to 1,500 tourists. Leading the company to repair all the shortcomings of the system and apologize (Jawabreh& Al Sarayreh;Jawabreh et al,2018) We may conclude, from the above, the need to achieve the requirements of cyber security in reservation systems, and maintain confidentiality in tourist and travel offices in a sustainable manner, taking into account the maximization of revenues of tourist offices, and the minimization of the damage caused by security attacks. Booking systems in tourism and travel agencies on the Internet rely on three basic rules, confidentiality, safety  Figure 3. Cyber security tourism systems Cyber security applications in airlines and airport management: Since 9/11, the aviation industry has undergone structural changes at the international level in terms of security and management processes that take into account the concept of cyber security clearly and accurately, where hackers use a lot of tools, means and methods to, illegally, enter digital databases of global airlines as shown in figure (4), such as: hacking, the use of deceptive electronic software which pretends to do one thing when in fact intended to do something different, in addition to the use of computer viruses, and crimes related to e-mails, encryption and digital terrorism. In 2017 British Airways announced that cyber hackers attacked the digital databases of travelers and were able to identify Passengers' personal and financial data and all their booking details during the period between August 21 and September 5, where 3800 bank cards have been hacked. In addition to the above, cyber-attacks affect all transport systems, air navigation, airports, network and control centers, traffic systems, etc. as shown in figure 5. Cyber-attacks and theft of passengers' data, lead to the use of this data to expose airlines and travelers to extortion, theft, and violation of privacy. This has led to the suspension of many airports and airlines, especially in developing countries, and directing many warnings from the World Aviation Organization for the need to: preserve digital databases from cyber-attacks, use scanning systems to assess vulnerabilities at airports and airlines, in addition to periodically checking digital databases, in order to identify weaknesses and vulnerabilities and treat them, as well as the fight against cyber terrorism as illustrated in figure (6).

Figure 6. Cyber-attacks
It is clear, from the above, that there are a number of challenges that stand in the way of applying the concepts of cyber security in the modern tourism industry, including hospitality institutions, airlines, airports and tourist offices as shown in figure (7).

Conclusions and recommendations:
The results of the study indicate the need for all tourism companies to provide a complete record of cyber risks, and to ensure that it is updated in a sustainable manner, in order to identify all cyber risks and their chronological order, and to categorize the level of cyber-attacks.
The need for tourist and hotel establishments, especially small and medium-sized enterprises, for alliances and contracts with international companies specialized in combating cyber-attacks.
The results of the study showed the need for tourist and hotel establishments to develop regulations, principles and internal policies for employees, regarding the security of internet use and the use of networks and databases by empowering employees through sustainable upgrading courses.
The study reached a diagnosis of the concept of cyber security, which includes the protection of systems, networks and digital databases within three areas: cybercrime, cyber war, and cyber terrorism.
The study showed the difficulty of inducting a mathematical law, and the difficulty of finding physiological evidence, taking into account all the climatic elements affecting human comfort, and the difficulty of measuring psychological comfort. The study also showed the importance of the behavioral approach to identify the characteristics of the studied phenomenon from different angles and aspects under consideration.
The scientific contribution of the study is to increase public knowledge and awareness about the applications of cyber security in the tourism and hospitality industry, and to increase the knowledge of decision