Security breaches around the world are causing airline delays, disrupting ground operations and resulting in compromised data and costly recovery efforts. The increase in cyber threats is forcing airports and airlines to invest in cybersecurity to ensure the safety and security of air travel.
Airport managers serve as a vital role in developing a comprehensive cybersecurity plan, which includes prevention, detection and response policies necessary to keep airports online if a breach occurs. Online intruders have a variety of entry points within an airport’s network, including business systems, airport operation systems, facilities systems and terminal and off-site concessions, according to the Intelligent Transportation Society of California (ITSCA).
In the fight against cyber crime, networks need technology, people and processes to protect data and ensure passenger and customer privacy. In addition to establishing a cybersecurity program, airport managers need to emphasize the continuous demands on airports to stay protected.
The following industry best practices will help airport managers overseeing large and small, public and private airfields better prepare for the rising wave of cyber crime.
Identify and Prioritize Threats
Airport managers need to be aware of all current and potential threats that can impact critical data and systems, according to the 2015 “Guidebook on Best Practices for Airport Cybersecurity” by the Airport Cooperative Research Program (ACRP).
To help with identifying threats, the ACRP recommends maintaining an inventory of all airport data, systems, network devices and users that could be affected by a cyber attack. Additionally, individuals and teams should identify and prioritize vulnerabilities throughout these systems based on the impact a successful attack may have, operationally and financially.
According to a 2016 PricewaterhouseCoopers (PwC) report, professionals need to define what reasonable security means for the organization and how much should be invested to prevent a breach. Ultimately, an organization needs to have a security portfolio that addresses the highest threats.
Implement Employee Training
Airport managers are encouraged to establish and enforce cyber education initiatives that help train managers, staff, consultants and tenants. All employees need to be aware of data and system credentials, be wary of social engineering tactics, learn how to adequately protect the devices they control and know how to report suspicious activity and policy infractions, according to the ACRP’s guide.
Training can help prevent human error as well as inform all employees of the potential risks within the aviation industry.
Build a Security Culture
While organization-wide mandatory and spot-check training opportunities are important, PwC recommends building a strong security culture across the organization because even small lapses in procedure can lead to a breach.
Building an employee culture with cybersecurity front and center starts with those in leadership and eventually includes all departments for various reasons. For example, managers need to set the tone from the top by maintaining regular communication with all internal and external stakeholders and related agencies. Airport marketing professionals need to protect consumer information by investing in necessary guards against identity theft and customer databases via loyalty programs. Operations must maintain all digital security measures needed to keep an airport online.
Invest in a Cybersecurity Team
A growing number of airports have created and implemented a chief information security officer (CISO) to oversee all cybersecurity efforts and manage IT staff, according to the ACRP.
When an airport has a CISO or head of information security, it’s vital airport managers maintain open, continuous communication with those individuals regarding new threats, the level of protection, training initiatives and technology tools.
Having a fully functional IT team will ensure infrastructure is updated, security monitoring is in place and protocols for the aftermath of a successful breach are agreed upon by all stakeholders.
Should a breach occur, leadership needs to be informed and prepared to isolate affected systems, recover from attacks, and learn from them, according to the ACRP.
By following industry best practices, aviation leaders will be able to prioritize projects, funding and intricacies of airport-wide cybersecurity programs.