Cyberattacks across all industries and countries regularly hit the headlines with record financial impacts, unquantifiable reputational damages and serious operational disruptions. Just last year, the World Economic Forum stated that cyberattacks are one of the top ten global risks of highest concern in the next decade.
The aerospace sector is a prime target for cybercriminals worldwide. In the last few years, a number of aerospace actors have been affected by cyberattacks ranging from theft of personal data, to operations disruption and even supply chain corruption.
In the face of this, the international regulatory framework is continuously being strengthened, bringing in new security and safety regulations and rapidly changing the requirements airlines and other aerospace stakeholders have to comply with. In October 2020, the American Federal watchdog urged the Federal Aviation Administration (FAA) to implement more actions to prevent cyberattacks on airplanes. In 2019, the International Civil Aviation Organization (ICAO) adopted the A40-10 Assembly Resolution, urging states to implement the Aviation Cybersecurity Strategy.
Many other areas of the aircraft ecosystem can be compromised by a cyberattack and need to be managed accordingly. For several years now, the rise of a more connected, digital aircraft has increased risks of cyberattacks. Even though statistically less common, cyberattacks on the connectivity items of the aircraft are regarded as the most critical and impactful threats, prompting the need to mitigate the risk of a cybersecurity breach in this area.
The entire aviation value chain is therefore a potential target for cybercriminals, driving the need for a holistic approach to cybersecurity in aviation.
Holistic approach to cybersecurity in aviation
The drive for new regulations around cybersecurity in aviation not only originates from the impact a cyberattack can have on companies and their employees but also society at large.
When we hear of a cyberattack the first thing that comes to mind is the financial impact on an organisation, for example, 1 hour operations disruption at a large airport at peak time has an estimated cost of $1m. In general, the cost of a cyberattack is estimated around $1m.
Aside from financial impacts, aviation actors also face serious credibility issues, which can negatively impact their reputation and brand image and lead to unquantifiable secondary financial impacts
Nonetheless, although this shift in mindset is occurring in the aviation industry, all actors are facing issues in effectively securing their operations. One of the main concerns raised is the need for more proactivity amidst the rising security threats.
Increasing employee awareness of cyberattacks and how to prevent them has become a rising challenge for airlines. Employees are often considered as the potential weakest link in the value chain. Giving them a key role to play in securing the entire ecosystem and reinforcing safety behaviours have become critical for aerospace actors.
Non-exhaustive list of standards and regulations
How can I avoid cyberattacks?
Employee awareness is the single most important element in your defense against cyberthreats. With rising numbers of cyberattacks across the aviation industry, making your employees aware of security threats and helping them understand how to effectively protect your company is paramount. A variety of training is available on the market today to help you prepare your team and compensate for their lack of expertise.
Although it’s difficult to foresee how constraining future frameworks will be, regulatory entities such as EASA and FAA are planning to implement new regulations in the coming years. Mitigating the risk of non-compliance can be challenging. Today, many options are available to assess or audit your security implementations and ensure you have everything in place to avoid a possible attack or fine.
Protect your entire company’s IT infrastructure by setting up a layered approach to your defence. Typically, companies look into installing firewalls, antimalware, antivirus, identity and access control, etc. A holistic approach should be preferred when bringing in these different types of IT security solutions to avoid creating hidden back doors, which could still compromise your entire IT network.
A Security Operations Centre (SOC) allows you to control, monitor and detect any incoming threats to your system and respond to them in the most appropriate way. The SOC goes hand in hand with a defined set of rules and response measures for each type of incident. These need to be defined upfront and revised regularly to keep up with the evolving threats.
Documenting policies, procedures and processes that revolve around the airline’s cybersecurity organisation is key to ensure consistency and structure. This framework becomes the guiding principle all airline stakeholders need to follow and comply with. Anticipate future changes from regulatory enforcement bodies and set up your base framework that you will be able to build upon over time. If you’re not sure how to get started, different solutions are available to you to help you design the framework most adapted to your organisation.