The airport cybersecurity challenge

By Dominic Nessi, Airport Technology Consultant and member of the ACI World Technology Steering Group

Over the past few years, an increasing number of airports around the world have either experienced a direct cyber-attack or felt the impact of a cyber attack on an airline operating at its location.

The growth in such events has caused airport management to increasingly consider the question: “can it happen to us?” Unfortunately, the answer is “yes”.

Despite being one of a country’s most important and critical infrastructures, airports are not well-suited to address the challenges of an insecure cyber world. 

Cost, resource, attention

First, airports traditionally attempt to keep operating costs as low as possible so that their airlines can operate in the most cost effective manner, and effective cybersecurity measures do have a cost. 

Second, airports come in a variety of sizes and all but the world’s largest airports tend to have a very small information technology staff. It would be a rare exception for a medium or small airport to have the resources available to have a staff resource dedicated to cybersecurity. 

Finally, the cyber risk to an airport is generally not well known or understood at the airport management level and, as a result, may not always get the attention that it deserves.

Cybersecurity benchmark tool

Nevertheless, many airports are beginning to grasp the importance of developing effecting strategies to protect their data, systems and reputations. Led by ACI World’s Cybersecurity Task Force, ACI is currently developing an IT Cybersecurity Benchmark tool that will allow airports around the globe to compare their current cybersecurity efforts with the ISO standards 27001 – 27003. 

The Benchmark not only allows an airport to chart its own improvement over time, it also provides a comparison with other airports of similar demographics. This tool will play an essential role in an airport’s quest to implement a strong cyber-secure environment. The Benchmark will be available in Q3 2016 and will be available on a subscription basis.

Ten-point approach

ACI’s Cybersecurity Task Force offers a ten-point approach to the airport community to increase its cyber-awareness.

Dominic Nessi, Airport Technology Consultant and member of the ACI World Technology Steering Group

 

In addition to the Benchmark tool, ACI’s Cybersecurity Task Force offers a ten-point approach to the airport community to increase its cyber-awareness. 

  • The first is to really understand the reality of the environment in which an airport operates. A cyber-attack can happen to any airport.
  • Second, once an airport accepts the reality, it cannot underestimate the damage which can result from a cyber-attack. Airports can experience serious disruptions to operations, loss of data and money, as well as an airport’s reputation for good management.
  • Third, airports must work closely with their own governments to ensure that they are taking full advantage of any governmental protection, response or resources available. 
  • Fourth, cybersecurity is not just a technology issue. It crosses finance, legal, law enforcement and security and must be addressed organizationally.
  • Fifth, airports must take advantage of assistance offered by non-governmental agencies, such as Information Sharing and Analysis Centers (ISAC) that specialize in various industries.
  • Sixth, airports must realize that this impacts all airports and that a common approach is necessary, as a weak response to cybersecurity in one airport could impact others.
  • Seventh, a realistic look at risk in each individual airport is critical. Airports have hundreds of potential threat vectors and each needs to be reviewed to ascertain the likelihood of an attack and the potential damage an attack could cause.
  • Eighth, once an airport identifies its risks, it must take steps to address them in the most effective and cost-efficient manner by establishing a cyber-defense program consistent with the best practices offered by the ISO standards, NIST and other regulatory bodies.
  • Ninth, each airport must develop a cyber-attack response program which includes disaster recovery and continuity of operation plans. Additionally, airports need to include cyber-attacks into their airport incident response programs. 
  • Finally, tenth, airports need to work with industry leaders such as ACI, ICAO, IATA, and prominent airport experts such as SITA, to develop a comprehensive approach to addressing the realities of a world where the potential for disruption of its technology environment is always present.
Subscribe to the Air Transport IT Review