BALI, INDONESIA – Phishing and other forms of social engineering have emerged as the biggest cybersecurity risk for travel companies as artificial intelligence (AI) makes attacks more targeted and harder to detect, according to global travel technology firm HBX Group.
The issue was discussed during a media roundtable at MarketHub Asia 2026, an industry conference organized by HBX Group that gathered travel companies, hoteliers, and other tech partners from across the Asia-Pacific region
HBX Group chief information officer Daniel Nordholm said social engineering has become the easiest way for attackers to penetrate organizations because it targets individuals rather than technical systems.
“What has happened now, in particular with AI, is that you see a lot more sophistication where they can also adapt their messaging and their attack vectors more in real time than in the past,” Nordholm told reporters.
On this note, the CIO said that the growing sophistication of AI-driven attacks has pushed the company to change how it approaches cybersecurity.
Instead of relying largely on post-incident investigations, the HBX Group has shifted toward a more predictive model, using automated tools to continuously analyze activity across systems exposed to external environment
Given the scale of its operations, Nordholm said it is no longer feasible for human teams alone to manually review security logs.
AI-driven agents are now used to identify unusual patterns and potential vulnerabilities, allowing the company to take preventive action before incidents escalate.
He added that the company has also focused on limiting the impact of successful intrusions by preventing lateral movement across interconnected systems.
By segmenting platforms and isolating critical assets, the company aims to contain breaches and reduce the risk of wider disruption across its tech infrastructure.
Finally, Nordholm said the company combines automated detection tools with experienced security teams as it adapts to a threat environment where AI is increasingly being used by both attackers and defenders.
“So, you essentially look into how you classify and how you protect your most valuable assets, and how you essentially then gradually move out from that core,” he said.
He also shared that they are constantly trying to operate with the newest and greatest technology, seeing that AI is continuously lowering the barrier for attackers.
The HBX Group operates a business-to-business travel technology platform that connects hotels and other travel suppliers with travel agencies, tour operators and online booking platforms.
Its portfolio includes Hotelbeds, Bedsonline, Roiback, and its systems process billions of interactions annually across global markets.
