Aviation Cyber Security—maintaining safe, secure, and resilient operations—is a top priority for aviation.

Technology and digitization bring many advantages to aviation, but at the same time, create challenges in managing cyber vulnerabilities in this complex environment. The airline industry is an attractive target for cyber threat actors with a multitude of motivations, ranging from stealing value in data or money to causing disruptions and harm.

Through leadership and acting now, IATA will positively shape the nature of how the industry responds to the cyber security challenge.

Evolving an Industry Strategy

IATA is developing an industry-wide Aviation Cyber Security Strategy to support the industry in addressing this ever-evolving threat. As part of this process, IATA produced the Aviation Cyber Security position paper (pdf) that outlines the IATA's cyber security vision and mission as well as the next steps to be taken in addressing the aviation cyber security challenges.

This work is guided by the Security Advisory Council (SAC), which was established in June 2019. It advises IATA towards answering the cyber security challenges faced by IATA and the airline industry.

Collaborating with ICAO

IATA presented to the 40th ICAO Assembly the Information Paper A40-WP/395 Aviation Cyber Security – Moving Forwards (pdf) explaining the need for a coordinated and proactive progress on gaining visibility to and managing aviation cyber security risks. Through this paper, IATA also gave its support to the creation of the ICAO Cyber Security Strategy (pdf).

Earlier, IATA presented to the Second High-Level Conference on Aviation Security in 2018 the Working Paper HLCAS/2-WP/27 Aircraft Digital Protection – An Integrated Approach (pdf) 

Aviation Cyber Security Roundtable (ACSR)

Another critical component of the cyber security strategy is the Aviation Cyber Security Roundtable. This annual event aims to better understand and manage cyber security risk by collaborating across disciplines and sharing experiences to develop tangible solutions to help the aviation industry deal with the threat. The ACSR gathers industry stakeholders to work towards a 2030 vision for a coordinated approach to aviation cyber security.

The work of the roundtable is focused on four elements:

  • Cyber security culture: Promoting a positive cyber security culture and raising awareness across the industry.
  • Transparency and trust: Establishing a global approach to cyber security with a similar mindset to that which has guided aviation on safety and general security issues.
  • Communication and collaboration: Creating stronger relationships among players in the aviation industry and with external entities to improve the development of best practices and the management of potential vulnerabilities.
  • Workforce: Ensuring that aviation personnel are trained to recognize and manage cyber security risks; and inspire the next generation leaders.

Find out what was discussed at the last roundtable (pdf)

Compilation of Cyber Security Regulations, Standards & Guidance Applicable to Civil Aviation

 

This Compilation of Cyber Security Regulations, Standards, Guidance for Civil Aviation (pdf) provides an overview on regulations, standards, and guidance related to aviation cyber security.

The current version (Aug 2020) will be continuously updated based on the crucial developments in regulations, standards, and guidance for aviation cyber security.

IATA Aviation Cyber Security Training

IATA delivers 3 days classroom on the aviation cyber security, ensuring to build a strong aviation cyber security workforce and teach the current aviation personnel how to recognize and manage cyber risks for increased vigilance and resilience.

Find out more about the IATA Aviation Cyber Security Training and how to register for the next class.

For more information

Should you want to be involved or have any questions related to Aviation Cyber Security, please do not hesitate to contact us.