Protecting airports from cyberattacks: A common-sense approach

It's clear that cybersecurity is a growing concern within the aviation industry. With ongoing media coverage of crippling cyberattacks affecting a variety of industries, airports and airlines are realizing they aren’t immune to the latest threats. As a result, cybersecurity has become one of their main areas of focus.

Airports are becoming more connected, relying on technologies such as the cloud, integrated systems and the internet of things (IoT) for increased efficiencies. That interconnectedness, however, opens the door to old and new vulnerabilities, including security breaches, malware, spear phishing, social engineering tactics, identity theft and more.

A breach in an airport system could expose passengers’ personal data, impact security checks, affect back office systems, take control of arrival and departure notifications and more. This could severely affect an airport’s entire operation, resulting in lost revenue and tarnishing its reputation.

Currently, there seems to be a vast range in levels of preparedness when it comes to cybersecurity in airports. Jim Knaeble, global product manager at Rockwell Collins, notes that “Preparedness can vary from an airport where cybersecurity is almost nonexistent to one that has a well thought out plan in place.”

But planning is not the only area where there are discrepancies. “Depending on its size, an airport may or may not have the IT staff or resources available to monitor, analyze and respond to suspicious network security behaviors,” said Knaeble.

No “one size fits all” solution
The solution isn’t as easy as installing the latest firewall or malware detection software, Knaeble stresses. “There is no ‘one size fits all’ for airport cybersecurity. Each environment is unique, so conducting a proactive risk assessment is the best way to identify vulnerabilities to create a holistic cybersecurity program.”

And all vendors are not created equally when it comes to cybersecurity, notes Knaeble. “Airports need to be aware that the level of cybersecurity protections varies, so don’t assume that a minimum level is inherent in a system because often that’s not the case.”

Creating a comprehensive approach to cybersecurity
While new and emerging technologies will play a part in overall airport security, according to Knaeble, “The number one area that airports should be looking to invest in is creating a holistic cybersecurity program. This will ensure that all of their systems are being handled the same way, regardless of vendor.”

Key components of a comprehensive cybersecurity plan include a vulnerability assessment and penetration testing tools, along with appropriate source code practices and risk management programs to determine the set of real-world risks an airport’s system will face.

Another area of importance that Knaeble highlights is the need to integrate physical and cybersecurity solutions. “Closing the gap between IT and cybersecurity provides a stronger, smarter defense against any kind of attack.”

Once a plan is developed and security solutions are in place, ongoing internal education about security policies and enforcement is a critical component to a comprehensive cybersecurity plan, along with the enforcement of security best practices within the airport’s vendor and partner environment.

“Often, we find the biggest vulnerability within each airport tends to be internal. Employees may connect devices or click on a link to a site infected with malware, which can open the door to a breach,” said Knaeble.

Cybersecurity is ongoing concern
It's clear that cybersecurity will continue to be a priority for the airport industry for the foreseeable future. And with airports continuing to move towards the digital, more connected future, these concerns will likely increase. Airports of all sizes will need to create a comprehensive plan to identify, protect, detect and monitor cyber threats.

Rockwell Collins has a portfolio of services designed to address airport cybersecurity. Our services guide you through system assessment, design and build. We can implement our fully managed Cybersecurity Operations Center (CSOC) to put in place a tailored life cycle management solution that meets your needs.

Story posted: May 21, 2018

Share

Follow Rockwell Collins on