In recent years, cyber security has become a key issue for airlines as they are impacted by outages in the availability of ticketing systems, loss of confidentiality in passenger data and the potential loss of integrity of operational data which can lead to incorrect load distribution and the associated safety issues. As systems become more connected, it creates new opportunities to improve operational efficiency but also new challenges to ensure the security of systems and processes.
Our experts have extensive experience in the transport industry working with companies in rail and aviation to identify improvements in operational efficiency and security risks. The Aircraft Commerce Consulting Cyber Security Health-Check program reviews the existing operational cyber security arrangements, identifies areas of excellence and finds where there is room for improvement. We also work with our client’s team to create a prioritized plan for implementing improvements. This is followed up by a cyber security impact assessment exercise where staff named in ‘response and recovery’ procedures are brought into realistic scenarios in which policies and procedures can be tested, evaluated and updated. Together we cover key requirements under recognized cyber security frameworks including ISO-27001 and NIST.
► The Health-Check Program provides each airline or operator with:
- A review of existing policies and procedures against recognized cyber security frameworks.
- A review of existing cyber security spending, identifying value for money and areas where budgets could be better allocated based on business risk.
- A report documenting existing operational cyber security risk assessments and procedures, identifying gaps and areas where there is potential for improvement.
- A prioritized plan to implement mitigations for any new risks identified..
The Health-Check program is divided into three core phases, working with your existing operational and security teams to review current procedures and security programs within your organization:
Initial Consultation (free)
Phase 1 - Preparation, Information Gathering and Analysis
Phase 2 - Cyber Security Health-Check Visit and On-site Workshop (2-4 days)
Phase 3 - Cyber Security Health-Check Results
Ongoing Support and Scenario-based Cyber Business Continuity Testing
Initial Consultation (free)
A 1 hour unique webinar session between our experts, and the airline’s key cyber security team to discuss the existing cyber security position of the organization and current security structure within the airline. We also discuss existing security spending and provide a value for money assessment of current spending within security.
PHASE 1 - Preparation, Data Gathering and Analysis
Working with the team responsible for cyber security at the airline, we compile a list of documentation that we would like our experts to review before the on-site workshop and Health-Check visit. This gives us an indication of the current maturity of any cyber security program currently in place, and ensures we can provide the most benefit while on-site.
PHASE 2 - Cyber Security Health-Check Visit and On-site Workshop (2-4 days)
Our consultants visit the airline, typically for two to four days depending on the requirements and complexity of the current Cyber Security program. During the on-site workshop we discuss the information gathered during the information gathering phase as well as a review of key policies in-place within the organization. We also interview key security personnel as well as operational personnel within the airline to assess security awareness and knowledge of the policies as documented.
PHASE 3 – Cyber Security Health-Check Results
Following the Health-Check Visit, we process all data and analyses to produce a comprehensive report that identifies key areas where cyber security policies are good, or OK, and areas with potential for improvement. We work with our client’s team to produce a prioritized list of areas where improvements could be implemented.
Ongoing Program Implementation Support and Scenariobased Cyber Business Continuity Testing (optional)
Our consultants are available for continued support should your cyber security team require assistance in implementing your improvement plan and improving cyber security across your organization. We can also provide business continuity testing for your organization, where we take teams and run through various cyber security scenarios, ensuring that policies and procedures are tested and responsibilities are understood by key individuals. Typically, support is conducted remotely, or can involve site visits for training or trouble-shooting.
What about the Cost?
The initial consultation is free of charge and will provide you with a short review of your security posture today as well as a review of your existing security spending and areas where you feel you might not be receiving value for money.
We understand that every company is unique – so following the initial consultation we formulate a Health-Check plan tailored to meet your exact requirements. The Cyber Security Health-Check is a cost-effective engagement where we provide a more wide-ranging review of your organization and a deep-dive into your security program. The outcome of this is an independent review of your existing systems with improvements that can be made in cyber security spending and a prioritized plan for improvement.
Contact us for more information and book a free Initial Consultation.
|Contact us for more information and book a free Initial Consultation:|
Alex Cowan, CEO, RazorSecure
||Alex Cowan founded RazorSecure in 2014 after a decade of working to develop secure systems and prevent intrusions in the gaming industry. Alex is a regular speaker at conferences related to transportation and cyber security, working to raise awareness of cyber security issues in industries that are struggling to meet the challenges of connected transport. RazorSecure are focused on providing next-generation cyber security products to protect transportation including inflight entertainment on planes, rail systems and self-driving and connected vehicles.|
Aircraft IT Operations – May / June 2018
EU Cyber Security Mandate
The threat of cyber-attacks on airlines, as Alex Cowan, CEO, RazorSecure explains, will now have to be countered in very specific ways according to an EU Directive.
(Click here to download)
|Conference Keynote Presentation:
Airline & Aerospace MRO & Flight Operations IT Conference - 24th & 25th October 2018
Cyber Security On-Board
A look at the risk of cyber attacks to on-board flight deck and cabin systems. Some case study examples are covered along with an outline of industry regulations.
See the pre-conference Aviation Cyber Security Training Workshop for a full overview of all cyber attack risks and how airlines can be prepared to meet them.
(Click here to download)
Aircraft Commerce Consulting was formed with Aircraft Commerce and Aircraft IT joined forces with a group of best-in-class consultants. This uniquely capable and experienced team provides a wide range of aviation consultancy services and health-checks focusing on M&E / MRO System; Flight Operations Technology, and Fuel Efficiency.