euro cybersecurity campaign · 2017-10-03 · 1. rise of cyber threats •major cyber attacks in...

SITA CYBERSECURITY Romanian Airports Association Conference 03.Oct. 2017 [email protected] Senior Sales Manager EUROPE


Post on 14-Jul-2020


TRANSCRIPT

Page 1: Euro Cybersecurity Campaign · 2017-10-03 · 1. Rise of Cyber Threats •Major Cyber attacks in the Aviation industry doubled since 2015. •Recent audits realized by SITA show that

SITA CYBERSECURITY

Romanian Airports Association

Conference 03.Oct. 2017

[email protected]

Senior Sales Manager EUROPE

Page 2

AVIATION CYBERSECURITY IN THE NEWS

Our Engagement Model · Enabling Cyber Resilience · Cybersecurity Challenges · References & Partners · Cybersecurity Organization

Page 3

CYBER SECURITY IS RANKED AS THE #1 FOR OUR INDUSTRY

• 81% of large companies have reported a breach
• 63% of airports consider sophisticated attacks a significant threat
• 72% of CIOs are investing in major cyber security projects
• 77% of airlines consider cyber security at board level

Page 4

THREATS LANDSCAPE

• Istanbul’s Airport passport control systems shut down, 2013.
• Dubai International Airport: critical credentials stolen, 2013.
• U.S. airport among the targets announced by the Tunisian Hackers Team.
• Kiev’s Airport widely infected by a malware campaign traced back to Moscow.
• Attacks on Vietnam's two largest airports (flight information screens, sound system and website), 2016.

There has been an increase in information security incidents, including both cyber-attacks and ICT dependencies disruptions, experienced by the aviation sector worldwide in recent years. (ENISA, Securing Smart Airports, Dec. 2016)

What techniques are used for cyber attacks?

• Malware
• Web application vulnerability exploits
• Denial of service
• Botnets
• Phishing
• Ransomware
• …

How are airports and airlines targeted?

• Theft of passengers' personal data
• Business disruption
• Credit card fraud
• Passport control system disorder
• Reputation damage
• Threats to health & safety
• Luggage control failure
• Destruction of critical infrastructure
• Fuel hedging tactics disruption
• Schedule management algorithm disturbance
• Terminal CCTV hack
• …

CYBERCRIME WILL COST BUSINESSES OVER $2 TRILLION BY 2019 (Juniper Research, 2015)

HACKERS BOMBARD AVIATION SECTOR WITH OVER 1,000 ATTACKS PER MONTH IN 2016 (European Aviation Safety Agency, 2016)

What are the threats?

• Malicious actions
• Human error
• Third party failures
• System failures
• Natural phenomena
• …


• Attack on European Airline Grounds 10 Flights: ground operation systems affected
• Nation-state-driven attacks targeting Airlines, Airports and Air Traffic Control, 2017
• Mass Hack Sees European Airline Freeze Accounts: frequent flyer accounts targeted

Page 5

IT'S A C-LEVEL / BOARD LEVEL TOPIC

CISO, CIO Board, CEO, CMO, CRO

CONCERNS FOR CYBER RISKS

• We need to assess our Security Program and Strategy.
• We need a Security Operations Centre to be compliant with regulation, could you help?
• Could you test the effectiveness of my incident detection?
• Is it possible for a threat actor to put down an aircraft? Can you help to protect my reputation and safety?
• Could you help us understand the ATI specific threats & risks we have to cover? How do I compare to others?
• How do I stop hackers from stealing my customers' miles?
• Could you help me with GDPR or other regulations (NIS, PCI DSS, CNI, BSI...)?
• I am facing a cyber crisis, could you send your experts now?
• Could you add us to your Cyber Threat Intelligence community service?

Business Drivers: Cyber Risk Insurance, Avoid Regulatory Fines, Avoid Damaged Reputation, Regulatory Compliance

Page 6

ARE YOU READY FOR AVIATION CYBERSECURITY TURBULENCE?

4 CHALLENGES THAT IMPACT YOUR BUSINESS

1. Rise of Cyber Threats
• Major cyber attacks in the aviation industry have doubled since 2015.
• Recent audits conducted by SITA show that airports & airlines are increasingly subject to cyber attacks.

2. Growing Aviation regulation
• The aviation industry faces a complex legal and regulatory environment and a permanent need for safety.
• GDPR, NIS, FAA, ICAO strengthen security constraints that weigh upon the industry.

3. Aviation environment specificities
• Cyber attacks are becoming more industry-tailored, while aviation has unique characteristics such as loyalty programs, baggage handling systems, airfield lighting control, etc.
• There is a need for cybersecurity management and solutions unique to the ATI.

4. On-going digital transformation
• Digital innovation such as modern aircraft and smart airports.
• Significant opportunities for hackers to compromise aviation information systems.

Page 7

ENABLING CYBER RESILIENCE: 100% AVIATION-TAILORED PORTFOLIO

Our Credentials
• Aviation regulatory & standard compliance assessment
• Aviation Crisis management
• Airline incident response
• Airport risk assessment
• More than 60 customers in managed infrastructure security

Leveraging Unique Capabilities
• Knowledge of Aviation critical business processes & IT assets
  Focus on addressing risks and optimizing customer’s time, resources and budget.
• Collaboration between SITA’s members
  Facilitate industry responses to cybersecurity threats and help mitigate risks.
• Knowledge of Aviation security standards and regulations
  Supporting airports & airlines in the delivery of their activity globally.
• Unique partnerships
  The best of cybersecurity expertise & SITA’s industry know-how (incl. Airbus).
• Local presence at airports
  Performing first actions following an attack (first responder).

Page 8

IT'S A C-LEVEL / BOARD LEVEL TOPIC

[Diagram: AVIATION CYBER SECURITY RESILIENCE]
IT Risks: Confidentiality, Integrity, Availability
Business Impact: Reputation, Financial, Resilience
DATA & INFORMATION · SYSTEMS · PEOPLE & ENVIRONMENT
CISO, CIO Board, CEO, CMO, CRO

Page 9

AVIATION CYBERSECURITY BEST PRACTICES

[Diagram: AVIATION CYBER SECURITY RESILIENCE. Source: SITA Analysis]

• Identify aviation cyber risks: develop the institutional understanding to manage cybersecurity risk to systems, assets, data, and capabilities.
• React for business safeguard: mitigate potential business impacts of an incident or possibly a crisis.
• Detect industry specific attacks: detection solutions and scenarios tailored to the aviation sector.
• Protect aviation critical assets: risk mitigation controls and safeguards tailored to the Air Transport context and constraints.

Page 10

RECOMMENDED AVIATION CYBERSECURITY APPROACH

[Diagram labels, in the order they appear on the slide]

• Cybersecurity Strategy
• Cybersecurity Transformation Program
• Target Model Definition
• Risk Appetite

PROTECT · REACT · IDENTIFY · DETECT

EXECUTIVE LEVEL AWARENESS · TARGET OPERATING MODEL · RESOURCES & FUNDING

• Maturity Assessment
• Benchmarking

Mitigation Measures
• IT security governance
• Users and third party
• Information security policies
• Communication & awareness
• User account & rights management
• Information system hardening
• Servers administration & operations
• Network partitioning
• Integration of security in project

• Managed Security Services
• Security Operations Center
• Monitoring & Reports
• Inform Stakeholders
• SIEM Security Information Management Systems
• Logging Policy Definition & Implementation

CONTINUOUS IMPROVEMENT (IDENTIFY – PROTECT – DETECT – REACT)

• Business Continuity
• Cybersecurity Incident Process
• Cybersecurity Incident Classification
• Cybersecurity Readiness (People & Tools)
• Incident Response
• External Incident Response Team
• Compromise Assessment

• RISK ASSESSMENT
• REGULATORY COMPLIANCE

Page 11

REFERENCES

• GOVERNANCE AND RISK MANAGEMENT
• ACTIVE CYBER DEFENSE
• INCIDENT RESPONSE

Build / Improve Security Program

Typical engagement
• $50K to $300K
• $150K to $1M
• $250K to $1M

• IDENTIFY CYBER RISK AND PROTECT AVIATION CRITICAL ASSETS
• DETECT AVIATION SPECIFIC ATTACKS
• RESPOND AND RECOVER FOR AVIATION BUSINESS SAFEGUARD

• Manage Cyber Risks
• Security Program Assessment
• Maturity Assessment
• GDPR
• Assess Security Level
• Detect Risks and Threats
• Compromise Assessment
• Aircraft OT & IT Pentest
• Prepare for Attacks
• Respond to Attacks
• Incident Response
• Crisis Management

How we helped? Our Cybersecurity Offerings

Page 12

CREATING COMMUNITY VALUE

Cyber Threat Intel.
Support sharing of actionable security info. on emerging threats, vulnerabilities and techniques to:
• support their security management and risk mitigation activities

Industry Collaboration
Foster increased collaboration for:
• collective defense to facilitate industry responses and mitigation of risks
disruption to business

Page 13

CCTC SHARING PLATFORM

Page 14

Q&A