The complex need to protect critical aviation networks

12 December 2024

Martin Smillie, SVP for Communications and Data Exchange (CDE), SITA

The airline industry is undergoing an unprecedented transformation driven by digital technologies. Airports and airlines are adopting a variety of technological innovations to improve operational efficiency, passenger experience and flight safety.

However, this growing reliance on technology also brings with it significant challenges, especially in terms of information security at airlines and airports.

Our everyday lives and security are constantly being threatened, with cyber-security one of the most pressing challenges for most of us. For the aviation industry that threat increases exponentially, given the myriad systems that keep airports operating effectively and aircraft moving safely through our skies.

Air travel is one of the most complex, systems-rich industries. But as we implement new efficiencies for managing passenger flows and cargo throughput in our airports, and for the 9,000-plus commercial aircraft that are operating on air routes globally at any moment, we are adding new and even more complicated technologies to deliver efficiencies and sustainability. These systems present an increased surface area for IT security threats.

Equally, the global and interconnected nature of aviation supply chains presents vulnerabilities to cyberattacks at multiple points. With ransomware said to have surged by 600% in supply chains in 2022, and compounded still further in the past two years, the threat of disruption to operations is real and ever-present. Add to this the geopolitical tensions that prompt hacktivist groups to threaten critical infrastructure, together with the increase in digitalisation post-Covid and initiatives to meet sustainability goals, and you can begin to understand the clear and present risk to aviation.

Keeping our industry’s estimated 40-plus million passenger flights safely in the air in 2024 requires a rigorous approach to cybersecurity assessments; operational practices, standards and systems; and enhanced sharing of information among key stakeholders. A successful cyber-attack can have devastating consequences, from the loss of passengers’ personal data to the disruption of air traffic control systems. Therefore, the implementation of robust cybersecurity measures is necessary to protect both passengers and critical aviation infrastructure.

To combat the growing number of IT security threats, we must deliver a multi-layered approach to each system: in the air, on airport premises and off them, and out to locations that are remote from our core aviation infrastructure.

Solutions based on controlling access to the network, also called Network Access Control, can now safeguard mission-critical infrastructure at airports and for airlines. They address the growing demand for secure and reliable access for end users and assets, applying a holistic approach to securing people, applications and the environment.

Research has shown that using a Network Access Control (NAC) solution can help businesses to reduce the security impact from breaches by 55%. Thanks to its automation and intelligence, IT costs can also be reduced by up to 33%, while employee productivity can be improved by more than 20%.

With increasing threats to digital infrastructure, particularly in complex environments like airports or those applying ‘bring your own device’ (BYOD) policies, NAC offers unparalleled protection for Local Area Network (LAN) and Wireless LAN communications with additional layers of identification checks, threat analysis and network segmentation. This ensures that airports and airlines comply with industry security standards while maintaining operational efficiency and protecting passenger systems. ISO 27001 certification is a fundamental international standard in this regard, as it establishes the requirements for information security management.

The solution aligns with stringent cybersecurity recommendations from authorities like the US Transportation Security Agency (TSA) and the Airports Council International (ACI), providing granular control over network access and detailed logging capabilities. It also has the ability to quarantine non-compliant devices and assures geographic availability, while also helping airports and airlines enhance their cybersecurity posture and ensure regulatory compliance.

The benefits that network access control can bring to businesses include, among others: control over which users enter the network and over their access to resources and business applications; limiting partners and guests to specific resources; segmenting employees into groups according to their role using RBAC (role-based access control); and sending automatic responses to incidents.

When designed to integrate seamlessly with an existing LAN & WLAN-managed service, NAC enhances network management by offering identity-based access control and policy enforcement. Utilizing a Zero Trust security model, every access request is authenticated, authorized, and continuously validated, ensuring only verified users and devices can connect to the network. This significantly reduces the risk of unauthorized access and potential breaches such as rogue access points.

A NAC solution can be implemented on a dedicated appliance or run as a Virtual Machine (VM), sized and designed according to user and network requirements, with the flexibility to adapt to different security levels, ranging from the toughest, with certificates and multifactor authentication, to the simplest, for IoT devices that do not even have a keyboard. This kind of solution is already being deployed by leading airports worldwide.
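The access decisions described above (role-based segmentation, limited guest access, quarantine of non-compliant devices, and authentication tiers from certificates with MFA down to keyboardless IoT devices) can be sketched as a default-deny policy function. This is an added illustration, not code from SITA or any NAC product; the segment names, role map, MAC allowlist and the use of MAC-based admission for IoT devices are all assumptions.

```python
from dataclasses import dataclass
from typing import Optional

# Constructed segment names, role map and MAC allowlist (assumptions).
ROLE_SEGMENTS = {"ops": "vlan-ops", "checkin": "vlan-checkin", "partner": "vlan-partner"}
STRONG_AUTH_SEGMENTS = {"vlan-ops"}          # require certificate + MFA
IOT_ALLOWLIST = {"aa:bb:cc:00:00:01": "vlan-iot"}

@dataclass
class AccessRequest:
    identity: str           # user name, or MAC address for headless devices
    auth: str               # "cert+mfa", "password", "mac" or "none"
    role: Optional[str]     # role asserted by the identity store
    compliant: bool         # result of the endpoint posture check
    location: str           # switch port or access point

def decide(req: AccessRequest):
    """Return (action, segment, reason). Anything not matched is denied."""
    if req.auth == "none":
        return ("deny", None, "unauthenticated")
    if req.auth == "mac":   # keyboardless IoT: allowlisted MAC, own segment only
        seg = IOT_ALLOWLIST.get(req.identity.lower())
        return ("allow", seg, "known IoT device") if seg else ("deny", None, "unknown MAC")
    if not req.compliant:   # posture is checked before any role is honoured
        return ("quarantine", "vlan-quarantine", "posture check failed")
    if req.role == "guest":
        return ("allow", "vlan-guest", "guest access only")
    seg = ROLE_SEGMENTS.get(req.role)
    if seg is None:
        return ("deny", None, "no segment for role")
    if seg in STRONG_AUTH_SEGMENTS and req.auth != "cert+mfa":
        return ("deny", None, "segment requires certificate and MFA")
    return ("allow", seg, "role " + req.role)

def audit(req: AccessRequest, decision, when: str) -> dict:
    """Log record answering who, what, how, when and from where."""
    action, segment, reason = decision
    return {"who": req.identity, "what": segment, "how": req.auth, "when": when,
            "where": req.location, "action": action, "reason": reason}

if __name__ == "__main__":
    laptop = AccessRequest("j.doe", "cert+mfa", "ops", True, "sw1/gi0/12")
    print(audit(laptop, decide(laptop), "2024-12-12T09:00:00Z"))
    laptop.compliant = False    # re-evaluation after posture changes
    print(audit(laptop, decide(laptop), "2024-12-12T09:05:00Z"))
```

A MAC address identifies a device but does not authenticate it, which is why the sketch confines such devices to their own segment. Calling `decide` again whenever posture or session state changes is what continuous validation amounts to in this model.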

Demand for secure and reliable network access controls is higher than ever, particularly in airports where traffic and device segregation are paramount in different areas of airport infrastructure and security zones. As external threats to digital infrastructure escalate, we require solutions that will ensure that essential communication systems keep ahead, with built-in safeguards at access points and switches, with complete visibility and control over communication networks. Only this will ensure that key stakeholders can monitor who is accessing what, how, when, and from where.