The aviation industry needs to unify its approach to prevent cybersecurity shocks, according to a new study released today by the World Economic Forum.
The increased level of interdependencies can lead to systemic risks and cascading effects as airlines, airports, and aircraft manufacturing take different approaches to counter cyber risks.
To guard against these risks and create a streamlined approach with civil aviation authorities, the World Economic Forum has launched the Cyber Resilience in Aviation initiative in collaboration with more than 50 companies.
The latest report, Pathways to a Cyber Resilient Aviation Industry, developed in collaboration with Deloitte, outlines how the industry – from airlines to airports to manufacturing and the supply chain – can work with a common language and baseline of practices. The report focuses on mitigating the impact of future digital threats on multiple levels:
· Aligning regulations globally
· Establishing a baseline of cyber resilience across the supply and value chain
· Designing an impartial assessment and benchmarking framework
· Developing international information-sharing standards
· Enabling reskilling
· Rewarding more open communication on aviation incidents
· Integrating cyber resilience in business resilience practices
· Ensuring risk assessment and prioritization
· Improving collaboration
“The aviation industry has developed a strong track record of safety, resilience and security practices for physical threats and must integrate cyber risks into this culture of safety and resilience,” said Georges De Moura, Head of Industry Solutions, Centre for Cybersecurity, World Economic Forum. “A common understanding and approach to existing and emerging threats will enable industry and government actors to embrace a risk-informed cybersecurity approach to ensure a secure and resilient aviation ecosystem.”
“The work of the World Economic Forum on aviation cyber resilience complements these global efforts led by the ICAO and is another excellent example of the importance of broad-based international collaboration among public and private stakeholders,” said Fang Liu, Secretary-General, International Civil Aviation Organization (ICAO).
“Adopting a collaborative cyber-resilience stance and creating trust between cross-sector organizations, national and supranational authorities is the logical yet challenging next step,” said Chris Verdonck, Partner, Deloitte, Belgium. “However, if the effort is not collective, cyber risks will persist for all. Further solidifying an extensive and inclusive community and developing and implementing a security baseline is key to adapt to the current digital reality.”
The Cyber Resilience in Aviation initiative has enabled organizations to create plans as a community to safeguard against current and future risks. It convenes over 80 experts from more than 50 organizations across global aviation and technology companies, international organizations, trade associations and national government agencies. Major collaborators include ICAO, NCSC, EASA, IATA, ACI, Eurocontrol and UK CAA.
The recommendations and principles developed by the community have been published in a set of reports, allowing companies worldwide to learn from their insights and develop their own policies to ensure cybersecurity in aviation.