Global Airline IT Security Survey 2009
Despite the global recession, last year showed an encouraging level of spending on IT security
The SITA Global Airline IT Security Survey provides useful insights for airlines and air freight businesses in dealing with the major issues surrounding security planning and delivery. The survey shows encouraging signs of improvement in how security threats are evaluated and measured within the sector.
It also provides a benchmark of current levels of automation surrounding IT security, giving airline organisations a view of how the industry as a whole is maintaining network vigilance. Whilst better security information appears to be providing greater visibility for security strategy, the call to action is that of ensuring strategic measures translate into reduced security threats and improved operational efficiencies.
Respondents in the survey estimated that airline and air-freight businesses are exposed each year to 28 incidents of network slowdown as a result of malware presence on the network. This suggests that, although improvements abound, there is still work to do in reinforcing defences against the ongoing battle of security threats and malware.
Download the executive summary of the Global Airline IT Security Survey 2009
(496 Kb)
Survey findings
Best practice
The 2009 survey shows a step change in the way that airlines and air freight organisations are dealing with security management in relation to previous years. In general best-practice measures are improving and the need for improved security-management information is also being responded to.
Investments
Regarding IT security investment, the economic downturn appears to have only a nominal influence on security budget increases / decreases against last year (2007-08). However, the number of businesses seeing cost cutting as a primary driver for outsourcing has increased considerably from 36% in 2007-08 to 58% in 2008-09.
Despite budget stability, cost efficiency is clearly playing a major role in decision making.
Compliance
With key compliance initiatives in the pipeline for 2009-10, there is a notable level of importance assigned to compliance as an issue for IT security professionals. This is combined with a healthy acknowledgement of the challenges that lay ahead in meeting compliance standards over coming years.
- Presence of best practice measures increases by an average of 14% from 2007-08
- Trend towards improved provision of security management information
- Cost-efficiency demands increase as security budgets remain fixed for 2009
- 73% of businesses see airline industry compliance as important in 2009
Reflecting the airline industry as a whole, the IT security function finds gains in key areas of strategy that should yield positive performances in operational areas. As long as there is sufficient cohesion between strategic intentions and 'on the ground' activity, strategic best-practice improvement shown in the survey should deliver value over time.
There are obviously hurdles to overcome in meeting organisational needs for air-industry businesses, but there are measures in place to do so. The key point is to ensure that the good work undertaken in creating transparent, measurable frameworks and practices is not undone by day-to-day security events or the increased pressures on security created by compliance in the wider organisation.
