Only one third of boards at airlines, and a fifth at airports, have fully integrated cybersecurity into their business plans, according to new research from IT provider SITA.
Barbara Dalibard, CEO of SITA, highlighted that while cybersecurity is the number one priority for almost all airlines and airports, it demands more attention and must be higher on industry board agendas.
Dalibard said: “Recent global cyber attacks demonstrate the risks and the need for a proactive approach. The air transport industry is highly connected and reliant on partners. We must work as a community to fight the global threat to cybersecurity.”
She added: “While we are pleased to see a 46% increase in the number of airlines prepared to deal with major cyber threats over the past year, there is still more to be done. The industry should move from dealing with common cyber threats to being prepared for major ones.”
SITA has conducted in-depth research into the level of cybersecurity maturity at airlines and airports. The results show that there are very high levels of security awareness among staff at airlines (82%) and airports (85%). This year, beyond cybersecurity protection, the industry is focusing on threat detection and response management. Already CIOs at 69% of airlines and 47% of airports are implementing security events and correlation monitoring, while security incident response management is being put in place at 77% of airlines and 60% airports.
Dalibard added: “Airlines and airports are building their critical defences and preparing to deal with common threats but we must all bring it to the highest level and integrate cybersecurity at executive and board level. Together we must identify, detect and react to cyber threats and protect the industry’s assets from attack.”
Security Operations Center
Earlier this year, SITA partnered with Airbus to address the air transport industry’s distinct concerns and created a unique CyberSecurity Aviation Security Operations Center (SOC). It acts like a cyber control tower with an integrated combination of processes, people and technology to detect, analyse, respond to, and report on cybersecurity incidents.
Markus Braendle, Head, Airbus Cybersecurity, said: “The air transport industry has unique cybersecurity challenges because of the varied and increasing use of smart end points across a largely distributed infrastructure. Digital transformation is enabling the air transport industry to deliver better services to its customers, but raising its threat exposure.”