Aviation Cyber Security—maintaining safe, secure, and resilient operations—is a top priority for aviation.
Technology and digitization bring many advantages to aviation, but at the same time, create challenges in managing cyber vulnerabilities in this complex environment. The airline industry is an attractive target for cyber threat actors with a multitude of motivations, ranging from stealing value in data or money to causing disruptions and harm.
Through leadership and acting now, IATA will positively shape the nature of how the industry responds to the cyber security challenge.
Evolving an Industry Strategy
IATA is developing an industry-wide Aviation Cyber Security Strategy to support the industry in addressing this ever-evolving threat. As part of this process, IATA produced the Aviation Cyber Security position paper (pdf) that outlines the IATA's cyber security vision and mission as well as the next steps to be taken in addressing the aviation cyber security challenges.
This work is guided by the Security Advisory Council (SAC), which was established in June 2019. It advises IATA towards answering the cyber security challenges faced by IATA and the airline industry.
Collaborating with ICAO
IATA presented to the 40th ICAO Assembly the Information Paper A40-WP/395 Aviation Cyber Security – Moving Forwards (pdf) explaining the need for a coordinated, proactive, and tangible progress on gaining visibility to and managing aviation cyber security risks. Through this paper, IATA also gave its support to the creation of the ICAO Cyber Security Strategy (pdf).
In November 2018, IATA presented to the Second High-Level Conference on Aviation Security (HLCAS/2) the Working Paper HLCAS/2-WP/27 Aircraft Digital Protection – An Integrated Approach (pdf) detailing the need for an Integrated Risk Management approach to cyber threats and risks for aircraft systems.
Aviation Cyber Security Roundtable (ACSR)
Another critical component of the cyber security strategy is the Aviation Cyber Security Roundtable. This annual event aims to better understand and manage cyber security risk by collaborating across disciplines and sharing experiences to develop tangible solutions to help the aviation industry deal with the threat. The ACSR gathers industry stakeholders to work towards a 2030 vision for a coordinated approach to aviation cyber security.
The work of the roundtable is focused on four elements:
- Cyber security culture: Promoting a positive cyber security culture and raising awareness across the industry.
- Transparency and trust: Establishing a global approach to cyber security with a similar mindset to that which has guided aviation on safety and general security issues.
- Communication and collaboration: Creating stronger relationships among players in the aviation industry and with external entities to improve the development of best practices and the management of potential vulnerabilities.
- Workforce: Ensuring that aviation personnel are trained to recognize and manage cyber security risks; and inspire the next generation leaders.
The next Aviation Cyber Security Roundtable is planned for Q2 of 2020.
IATA Aviation Cyber Security Training
As part of the Aviation Cyber Security Strategy, IATA delivers 3 days classroom on the aviation cyber security, ensuring to build a strong aviation cyber security workforce and teach the current aviation personnel how to recognize and manage cyber risks for increased vigilance and resilience.
Find out more about the IATA Aviation Cyber Security Training and how to register for the next class.
For more information
Should you want to be involved or have any questions related to Aviation Cyber Security, please do not hesitate to contact us.