Mapping and Modeling Kenya’s Hospitality Industry Cyber Security Factors: Case of Selected Hotels in the North Rift

Abstract

This study investigated by modeling cyber-security factors affecting tourism and hospitality industry in Kenya. More specifically, three selected state of the art hotels in the North Rift that were then used for the study. The objective of the study was to explore cyber vulnerabilities in the tourism industry using three indicators; namely, the nature of the incident/threat, the impact of the incident/threat and the response to the incident/threat. These three indicators were inspired by a conceptual framework for cyber vulnerabilities in the tourism industry as proposed by Pizam and Mansfeld (2006). Correctional research design was employed in this study and notably the multiple regression model was used to predict cyber vulnerabilities using the aforementioned indicators in the tourism industry. Data was collected using questionnaires from the selected hotels. The collected data was coded, analyzed and the results generated were presented using the multiple regression analysis parameters comprising of model summary having the r2, regression coefficients and ANOVA. From the three aforementioned indicators (independent variables), hypotheses were formulated to test and establish the intensity of cyber vulnerabilities of the selected hotels. The ANOVA results formed the basis of rejecting or accepting the null hypotheses. The research results showed that the response to a threat or incident is a major indicator in understanding the cyber threats afflicting the hospitality industry in Kenya’s North Rift selected state of the art hotels. In essence, the findings indicated that a better understanding of the nature of a threat, the lesser the impact of an incident and ultimately the better the response will be. The findings of the study is anticipated to be used by both the future researchers in related discipline as well as the tourism industry fraternity especially the Information technology personnel in making decisions relating to cyber security.