industry unlocked
on the ability to do more and to do it
faster while aloft. That demand will only
increase further as airlines and other
aircraft operators seek greater access to
operational and systems data from their
flights while they are in the air, in order
to improve the cost-effectiveness of their
own operations as well as the in-flight
experience of passengers.
Would you offer any best practice
advice for dealing with threats in
this industry?
way to gain access to critical systems
and this means abusing human trust.
With deep fakes on the increase, this
exposes the aviation industry to new
cyberthreats that could put the industry
at serious risk.
Strong identity and access management
with privileged access security is a must
to ensure only authenticated users have
access to critical systems. Multifactor
authentication must be enabled and
used for all privileged access.
JOE CARSON: The aviation industry, while
advancing quickly and continuously
improving services, must not forget the
basics and cybersecurity best practices.
These are sometimes overlooked and, in
most situations, cybercriminals will look
for the easiest, cheapest and stealthiest
46
CHRIS ROBERTS: The aviation industry
should start to shift from the traditional
security stack to a more proactive
stance. Additionally, they must move to
an assumed-breach posture. This means
focusing less on deflecting an attack
and more on using tools that allow them
to assess their detection, deception and
data integrity options.
Are there any trends or future
trends that CISOs working in the
sector should prepare for?
CHRIS ROBERTS: Two trends with the
potential to introduce new cyberthreat
vectors to the aviation sector stem
from the availability of Internet-enabled
systems on board airplanes.
First, is the increasing presence
of Internet accessible passenger
Infotainment systems. Second, is the
presence of Internet of Things devices
used for predictive maintenance and
near real time reporting of operational
components in the aircraft. u
Issue 20
|
www.intelligentciso.com