Parallel to the ongoing digitalisation within the air transport industry, the number of cyberattacks on companies in the community continues to grow. With the rise of connected aircraft and airports enabled by smart technology, companies are becoming more exposed towards cyberthreats, thus the demand for cybersecurity solutions is becoming stronger and stronger. Here, FTE provides an insight into how some of the leaders in the industry are stepping up their efforts to provide new solutions to tackle this.
Munich Airport’s new Information Security Hub
With the spread of digitalisation in recent years, there has been a massive increase in the number of attacks on the IT systems of companies and public authorities in Germany.
Munich Airport has also become the target of cyberattacks on a daily basis. The airport has already taken a proactive approach to developing strategies for defending against cyberattacks and new approaches to the fight against cybercrime.
“First of all, we focus on creating the overall awareness for security issues in our corporation,” says Marc Lindike, Head of Information Security Assurance at Flughafen München GmbH (FMG). “Second, we concentrate on strong prevention measures, solid security perimeters and defence mechanism in case of a successful breach of the perimeter.” Some years ago, Munich Airport also introduced a security awareness programme for the entire staff to highlight the importance of cybersecurity. “This programme shows positive results,” Lindike adds.
Moreover, the airport recently opened its own Information Security Hub (ISH) – a competency centre where the airport operating company FMG and IT specialists will work together with experts from the European aviation industry.
“A professional testing and training environment is essential for success,” highlights Lindike. “It also offers security solution manufacturers the opportunity to try out new products and services under realistic conditions and jointly develop efficient and pragmatic approaches to fighting cyber-crime and promoting current trends. With the ISH we offer a platform for innovation, knowledge transfer, networking and shared efforts. Practically speaking, we are bringing together the ‘good guys’ to increase confidence and trust to develop joint defence measures.”
And while Lindike says that the collaboration between the different parties in the industry is massively important, he also suggests that each airport itself needs to build the knowledge to develop its tailored security strategy. “The collaboration with IT companies should focus on additional capacity or technical or specialist skills outside daily challenges. Its security is a core competence for a critical infrastructure like an airport.”
The good news, however, is that most of the necessary technologies to tackle cyber threats already exist. Lindike suggests: “The current tools and controls are addressing 98% of the problems as long as they are consequently implemented and applied in an intelligent way. We are talking about approximately 10% of new technologies which are further needed especially in the field of artificial intelligence and machine learning software.”
Airbus and SITA’s Security Operations Center Services
There can be little doubt that cybersecurity is fast becoming one of the top priorities for airlines and airports globally. Global IT provider SITA in its Air Transport IT Trends Insights 2017 showed that 95% of airlines and 96% of airports plan to invest resources into major cybersecurity programmes over the next three years.
“Cyberattacks are a very real threat, with the potential for huge knock-on effect in an industry as interwoven as the air transport industry,” says Vivien Eberhardt, Director, SITA Cybersecurity. “Layers upon layers of infrastructure could be impacted, with the consequence on global travel reverberating across the world. That is why the industry has placed such a high priority on cybersecurity to ensure that it stays one step ahead of a potential attack.”
To meet this demand, last year SITA partnered with Airbus to develop the Security Operations Center (SOC) – a tailored, industry-wide response to cybersecurity. The new incident detection services provide airlines, airports and other air transport industry stakeholders with information about unusual cyber activity that may impact their business.
By joining forces, SITA and Airbus can provide the most advanced cybersecurity solutions for the industry. “Together we will use our expertise to detect cyber activity relevant to airlines and airports,” adds Eberhardt. “When requested, the joint Security Operations Center Services will provide appropriate containment and remedial action that a company’s digital assets are safe from attacks.”
It is increasingly important for industry leaders to follow SITA and Airbus’ lead to combine forces to tackle cybersecurity. “Collaboration is really the key here. The interdependencies built into air transport systems and an accelerating digital transformation in the industry mean the vulnerability to attack is increasing. Cyber threats cannot be efficiently combated by acting unilaterally. In addition to having a solid cybersecurity strategy and tools in place, we, as an industry, must combine forces and find mutually agreeable ways of dealing with this reality.”
Another aspect identified both by SITA and Airbus is the importance for organisations to adopt a risk management approach, which requires a deep understanding of the threats and the systems to be protected. The adoption of these practises can then help reduce exposure to cyber risks and identify those risks, protect and monitor critical processes and assets, respond to cyber threats, plan ahead and, lastly, recover from the threat.
Markus Braendle, Head of Airbus Cybersecurity, adds: “In the cat-and-mouse game between organisations and cybercriminals, it’s essential that the industry has a shared approach to managing risk. It’s also vital that the intelligence that feeds this approach is sourced from across the industry and is always up-to-date.”
He continues: “That’s why we believe that SOC is essential in plugging the gaps in a single institution’s understanding of risks, and therefore its ability to identify threats early. This can improve the management of cybersecurity risks and mitigate the impact on systems, assets and data.”
Room for improvement
It has become clear that the air transport industry has placed cybersecurity as a top priority, however, recent research by SITA shows that there is still room for improvement with only one-third of boards at airlines and a fifth at airports having fully integrated cybersecurity into their business plans.
While protection against the threat of cyberattacks remains fundamentally important, it is not enough anymore. The challenge now remains for the air transport community to succeed in building a multi-faceted approach, which includes identification, protection, detection and reaction.