We reviewed an article featuring the views of Rockwell Collins’ director of airport strategic programmes...
Airports worldwide face a number of challenges implementing cybersecurity solutions.
Airport operators understand that the fight for a completely cyber-secure environment must be an ongoing process, within a constantly-evolving, technologically-advanced industry that faces new threats and vulnerabilities on a daily basis.
This approach begins at the very top of the airport management team; with the director or the chief executive, and filters down to every department, ensuring the responsibility for cybersecurity is felt throughout the chain of management and into the departmental operations teams.
By setting simple yet firm standards, the pressure is shared by a collective system that can then be supported by newly introduced cybersecurity tools and creates a holistic view that can then be measured and managed more easily and cost-effectively.
Create a governance committee and cybersecurity team
The creation of a cybersecurity governance committee from the heads of all departments keeps every team talking about the current issues and how they are affected by them. This is a simple way to ensure all teams, from finance to human resources to security, are all working together to create a secure environment.
A dedicated cybersecurity team can become a valuable asset to any airport serious about implementing systems and processes to fight cyber-attack. Effective cybersecurity strategies don’t just happen in the IT department, and it is important to give the team the authority to work in all areas of the operational environment to make sure cybersecurity practices are constantly monitored and evaluated for the governance committee.
Implement cybersecurity education and training at every level
The education of the governance committee is an important part of the strategy, and this is where IT departments and teams can help. This approach takes a step forward and allows IT to advise the committee about current cybersecurity activities, giving them a chance to push for new solutions with the airport decision-makers.
Basic cybersecurity awareness training on a regular basis keeps personnel up-to-date, and can offer valuable insights into the most common threads of cyber-attack, such as social engineering, which uses deception to manipulate airport staff into divulging, however inadvertently, confidential or personal information.
Training in the IT department is also important to strengthen the resistance to cyber-attack. When cybersecurity measures are practiced every day, they become ingrained and absorbed into a system, which is when it can be at its strongest. Only through regular, dedicated training can all employees, from the top-down and the ground-up, ensure they have the best chance of a cyber-secure airport environment.
Finding out where potential vulnerabilities to new cyber-threats lie quickly, offers the chance to create and test patch programs, for example. Thoroughly testing patch programs takes time and follows a process, which in some cases, could take the operations systems offline. Knowing a new vulnerability exists, or a new cyber-threat launched can make a difference.
Use a proven cybersecurity framework and implement data governance
The use of existing cybersecurity frameworks can be invaluable for benchmarking purposes within a busy airport environment. When proven best practices are implemented and measured, improvements to cybersecurity become clearer to decision-makers at the top.
Today’s stance on data storage, retention and distribution is tough. The committee must make sure that there is a system in place that ticks the boxes in terms of mandatory compliance on data governance, whether internal or external. With regulatory requirements placing more and more pressure on airport operators and personnel, proven processes and mandatory conditions can often dictate the requirements of a system.
Carry out risk assessment and mitigate risk from the top-down
Some airport environments carry enormous IT assets, and having a full, detailed inventory is essential if all potential vulnerabilities are to be identified. This is a critical step for airports of all sizes, before carrying out a risk assessment.
A risk assessment of all airport systems and processes, including networking, standard policies and procedures is vital to address vulnerabilities within the operational environment. The cybersecurity committee will consider this to be one of the most important steps, and a risk assessment in every department will be critical to determine where the most urgent problems lie.
The creation of a cybersecurity committee delivers a way to review risk assessments and make decisions on how to move forward quickly. Without a dedicated decision-making team, the process of implementing cybersecurity is much harder and takes longer.
Ensure cyber-attack response system is implemented and practiced
One of the most important steps to have in place is the creation of a standard response to an incident of cyber-attack. There must be a policy that dictates the process of reporting a suspected cybersecurity breach, how to classify and identify it, and what process to follow should it require an elevation to an attack of a serious nature that should be handled by external authorities. Another element of this approach will be to have a system in place to isolate, gather and preserve evidence of the incident.
It is important that the entire operations team, from the ground to the top, knows what to do in the event of a cyber-attack. When emergency ground teams attend a physical problem, such as a fire or a terror attack, they are well-practiced and thus efficient. This must also be the case in the event of a cyber-attack, when airport infrastructure and operations are threatened. Experts advise that regular drill days should be set aside, when procedures and systems can be tested and reported. This can also be useful information for the cybersecurity team to identify new potential problems and discuss and implement changes or new solutions with the governance committee.
Creating a physically secure environment
Although it may seem obvious, the creation of a physically-secure environment for infrastructure and data systems is critical to a robust cybersecurity program, and investment here must be a consideration. This is when cyber- and physical-security integrate, as there are many types of security threat that can adversely impact an airport, such as fire or natural disaster in addition to terror threat or cyber-attack. Making sure that operations can continue, even with simple ideas, such as redundant power sources and a stable physical structure, is vital.
For more information, fill out the enquiry form on this page.
As automated immigration programmes and processes are being used more widely, it is essential that...
With the introduction of the EU General Data Protection Regulation (GDPR), airports and airlines are...
A recent article explored the issue of cybersecurity in airports and how they are aiming to...