Cybersecurity remains a key challenge for SITA members and an area where SITA continues to build on its community offering.
The SITA Community Cyber Threat Center (CCTC) now has 29 active SITA members and rising, including airlines, airports and other service providers. Since becoming operational, the center has shared 124 alerts and 31 threat intelligence advisories with members.
Complementing SITA’s Cybersecurity Aviation Security Operations Center (SOC), Consulting and Tools, the CCTC remains open to cybersecurity professionals throughout SITA member organizations.
The center is based on a customized alert system that provides rapid notification of sensitive information, such as stolen credentials, exposed on the open, deep, and dark web as well as threat feeds when detected.
Regular meetings are held to share insights and mitigation strategies, as well as discuss the evolving cyber threat landscape. Members also receive a weekly digest of cybersecurity stories and threat indicators affecting the air transport industry.
New automated threat intelligence feeds are now available to SITA members through the center. They provide valuable information to help airlines and airports identify potential threats to their systems, allowing the triggering of a timely response when needed.
Members also have access to customized alerts that directly impact their businesses, threat intelligence advisories, a directory of fellow members, the regular meetings where cyber experts can share best practice, and a weekly news digest summing up the key stories and latest cyber activity impacting our industry.
Another valuable community resource is the newly launched SITA ‘Air Transport Cybersecurity Insights 2018’, the first such SITA survey. It provides aviation-specific cybersecurity insights and aims to set a community benchmark.
As the most comprehensive study investigating cybersecurity trends within air transport, it drew responses from 59 senior decision makers at major airlines and airports globally, including CEOs, CIOs, CISOs, VPs and Directors of IT and security practices.
The results were revealed exclusively at the SITA Aviation Cybersecurity Symposium in Cannes on 13-14 November 2018. The Symposium brought together IT and cybersecurity experts from across air transport to discuss the unprecedented growth of cyber threats.
The research points to a rise in planned cybersecurity spend, but says existing challenges are delaying progress. Having too few resources impacts 78% of aviation organizations, it says, while budget constraints frustrate 70% of them.
The clear message is that as a community we must empower cybersecurity teams and ensure cybersecurity representation at the top table.
The pressing task is to make further advances, according to the research, which recommends establishing a long-term cybersecurity strategy. The survey shows that the vast majority of airlines and airports are conducting a formal risk assessment.
It also shows that proactive protection is becoming a primary driver, with over 70% of airports saying disruption of operations is their biggest concern. Airlines feel the same, though assign a similar level of importance to protecting passenger data. Ransomware, phishing and advanced persistent threats are cited as constant threats.
SITA’s cybersecurity Insights research reveals that one in two organizations will implement a SOC in the next three years. SOCs are “critical, complex projects,” cautions the survey, and they need to be implemented in stages, starting with business-critical matters.
SITA’s Air Transport Cybersecurity Insights is recommend to anyone in SITA’s member organizations who is charged with the responsibility of cybersecurity.
With one in two aviation organizations planning to implement a cybersecurity SOC in the next three years, SITA has defined the shared SOC concept. The result is SITA’s CyberSecurity Aviation SOC.
This is a center tailored to the air transport community, with a high level of standardization and shared between several stakeholders. Decisions are taken all together, while best practices and use cases are shared, with ‘community value’ at the center of the service.
Cost-effective and timely
Budget constraints and lack of expertise for many member organizations will make it cost-effective and timely to embrace SITA’s SOC. Ensuring all the activities of a SOC, the service leverages community experience and expertise to limit costs yet provide a competitive solution dedicated to air transport.
SITA’s CyberSecurity Aviation SOC address three core areas: Event management, Security incident management and Reporting management.
SITA has created an aviation-specific CyberSecurity Toolkit and Database to help airports and airlines establish a cybersecurity practice.
The Database captures all business processes of an airport or airline. It links every step of a passenger journey from ticket purchase to arrival at destination.
The Toolkit makes it possible to provide cybersecurity services suited to the needs of the air transport industry.
Building on these capabilities, SITA also provides CyberSecurity Consulting, offering greater in-depth assessment and advisory services specific to air transport’s business and operational needs.
This calls on SITA’s 70-year knowledge and experience of delivering and managing services for airlines, airports, air cargo, governments and ground handlers. It includes a 360° cybersecurity assessment, aviation vulnerability assessment, aviation cybersecurity awareness and training, and Pen tests and vulnerability assessment.