PA Consulting’s Justin Lowe, a digital trust and cybersecurity expert, discusses the cyber risks to businesses and what they can do to ensure that their systems and customers are kept secure. PA’s report ‘Overcoming the silent threat – business cyber resilience in airports’ is also mentioned in the article and key examples of ransomware attacks highlighted.
The article explains that cyber criminals are using a variety of tactics including Denial of Service attacks and ransomware attacks to cause problems for companies. Justin explains: “Additionally, there are safety-related risks if attackers focus on targeting systems that support physical security and aviation safety.”
The article goes on to address the recent change in the aviation regulatory world – the introduction of the EU Network and Information Systems Directive. Justin comments: “Unlike GDPR, where there is a similar approach for all countries, each nation is likely to introduce cyber resilience differently which might produce implementation challenges for operators who operate in multiple countries. It seems likely that the scope of these regulations may soon increase as additional operators are classified as operators of essential services.”
Commenting on integrating cybersecurity into day-to-day procedures and processes Justin says: “There are many standard tools and measures that can be used. Most of these involve getting the basics right – robust managing of IT systems and ensuring that they are correctly configured.”
He continues: “That includes strong passwords with multifactor authentication where appropriate. Access to information and systems should be locked down so that only the appropriately authorised users can access them.
“Anti-malware solutions should be deployed to prevent malware infections and all operating systems and applications should always have the latest security pitches.”
Justin goes on to share six tips to help business aviation companies protect themselves from hackers and data breaches: