Cybersecurity program & best practices

Similar documents
SOLUTIONS BRIEF GOGO AIRBORNE SECURITY SUMMARY 2017 Q3 RELEASE

Education Network Security

ALTITUDE DOESN T MAKE YOU SAFE. Satcom Direct s Comprehensive Cyber Security Portfolio for Business Aviation

PREPARE & PREVENT. The SD Comprehensive Cybersecurity Portfolio for Business Aviation

Cyber Risk Program Maturity Assessment UNDERSTAND AND MANAGE YOUR ORGANIZATION S CYBER RISK.

New York Cybersecurity. New York Cybersecurity. Requirements for Financial Services Companies (23NYCRR 500) Solution Brief

Cyber Risks in the Boardroom Conference

ISE North America Leadership Summit and Awards

Security by Default: Enabling Transformation Through Cyber Resilience

National Cyber Security Operations Center (N-CSOC) Stakeholders' Conference

Cyber Security on Commercial Airplanes

Understanding Your Security Posture (And How to Improve It)

Defense in Depth. Constructing Your Walls for Your Enterprise. Mike D Arezzo Director of Security April 21, 2016

2 nd Cybersecurity Workshop Test and Evaluation to Meet the Advanced Persistent Threat

A New Cyber Defense Management Regulation. Ophir Zilbiger, CRISC, CISSP SECOZ CEO

align security instill confidence

Securing Your Digital Transformation

SOLUTION BRIEF RSA ARCHER IT & SECURITY RISK MANAGEMENT

NERC Staff Organization Chart Budget 2019

EC-Council Certified Network Defender (CND) Duration: 5 Days Method: Instructor-Led

NETWORKING &SECURITY SOLUTIONSPORTFOLIO

NERC Staff Organization Chart Budget 2019

Defensible Security DefSec 101

EU General Data Protection Regulation (GDPR) Achieving compliance

Security Aspects Control Rationale Best Practices Self-Assessment (Click all that applicable) 1. Security Policy and Security Management

NERC Staff Organization Chart Budget 2018

One Hospital s Cybersecurity Journey

Continuous protection to reduce risk and maintain production availability

Introduction. Deployment Models. IBM Watson on the IBM Cloud Security Overview

ISO COMPLIANCE GUIDE. How Rapid7 Can Help You Achieve Compliance with ISO 27002

2018 IT Priorities: Cybersecurity, Cloud Outsourcing & Risk Management. Follow Along

FOR FINANCIAL SERVICES ORGANIZATIONS

FAA Cybersecurity Test Facility (CyTF) By: Enterprise Information Security Team ANG-B31 Patrick Hyle, William J Hughes Technical Center

BULLETPROOF365 SECURING YOUR IT. Bulletproof365.com

Cyber Incident Response. Prepare for the inevitable. Respond to evolving threats. Recover rapidly. Cyber Incident Response

Information Technology Branch Organization of Cyber Security Technical Standard

Copyright 2016 EMC Corporation. All rights reserved.

May 14, :30PM to 2:30PM CST. In Plain English: Cybersecurity and IT Exam Expectations

BUILD YOUR CYBERSECURITY SKILLS WITH TRASYS INTERNATIONAL

Troubleshooting and Cyber Protection Josh Wheeler

Evolving the Security Strategy for Growth. Eric Schlesinger Global Director and CISO Polaris Alpha

NW NATURAL CYBER SECURITY 2016.JUNE.16

How to Prepare a Response to Cyber Attack for a Multinational Company.

Information Security Controls Policy

Monthly Cyber Threat Briefing

DFARS Compliance. SLAIT Consulting SECURITY SERVICES. Mike D Arezzo Director of Security Services. SLAITCONSULTING.com

Connect to an inflight experience unlike anything else. Elite inflight Internet for VVIP aircraft

Security and Privacy Governance Program Guidelines

ISO 27001:2013 certification

Mark Littlejohn June 23, 2016 DON T GO IT ALONE. Achieving Cyber Security using Managed Services

Altius IT Policy Collection

NERC Staff Organization Chart

BULLETPROOF365 SECURING YOUR IT. Bulletproof365.com

Security

Kenna Platform Security. A technical overview of the comprehensive security measures Kenna uses to protect your data

A Global Look at IT Audit Best Practices

Plant Security Services Protecting productivity in the digital era October

Reinvent Your 2013 Security Management Strategy

ForeScout CounterACT. Continuous Monitoring and Mitigation. Real-time Visibility. Network Access Control. Endpoint Compliance.

AT&T Endpoint Security

KantanMT.com. Security & Infra-Structure Overview

Information Technology Security Plan Policies, Controls, and Procedures Identify Governance ID.GV

Cyber Security Program

DEFINITIONS AND REFERENCES

ipass Inflight Wi-Fi Connection Quick Start Guide

mhealth SECURITY: STATS AND SOLUTIONS

ipass Inflight Wi-Fi Connection Quick Start Guide

NERC Staff Organization Chart Budget 2017

UNB S CYBERSECURITY PROGRAM

Course Outline Topic 1: Current State Assessment, Security Operations Centers, and Security Architecture

K12 Cybersecurity Roadmap

Automating the Top 20 CIS Critical Security Controls

Run the business. Not the risks.

Course overview. CompTIA Security+ Certification (Exam SY0-501) Study Guide (G635eng v107)

DATA SHEET RISK & CYBERSECURITY PRACTICE EMPOWERING CUSTOMERS TO TAKE COMMAND OF THEIR EVOLVING RISK & CYBERSECURITY POSTURE

Delivering Integrated Cyber Defense for the Cloud Generation Darren Thomson

Choosing the Right Security Assessment

NERC Staff Organization Chart Budget 2017

Position Description. Computer Network Defence (CND) Analyst. GCSB mission and values. Our mission. Our values UNCLASSIFIED

Big data privacy in Australia

QuickBooks Online Security White Paper July 2017

Cybersecurity Session IIA Conference 2018

Cybersecurity: Considerations for Internal Audit. Gina Gondron Senior Manager Frazier & Deeter Geek Week August 10, 2016

Must Have Items for Your Cybersecurity or IT Budget in 2018

CompTIA Cybersecurity Analyst+

Nebraska CERT Conference

Ο ρόλος της τεχνολογίας στο ταξίδι της συμμόρφωσης με τον Γενικό Κανονισμό. Αντιγόνη Παπανικολάου & Νίκος Αναστόπουλος

EC-Council - EC-Council Certified Security Analyst (ECSA) v8

Critical Hygiene for Preventing Major Breaches

UNLOCKED DOORS RESEARCH SHOWS PRINTERS ARE BEING LEFT VULNERABLE TO CYBER ATTACKS

IC32E - Pre-Instructional Survey

Healthcare Security Success Story

SRM Service Guide. Smart Security. Smart Compliance. Service Guide

Security Monitoring. Managed Vulnerability Services. Managed Endpoint Protection. Platform. Platform Managed Endpoint Detection and Response

CyberSecurity. Penetration Testing. Penetration Testing. Contact one of our specialists for more information CYBERSECURITY SERVICE DATASHEET

Think Like an Attacker

RFP/RFI Questions for Managed Security Services. Sample MSSP RFP Template

DELIVERING SIMPLIFIED CYBER SECURITY JOURNEYS

Illinois Cyber Navigator Program

Enhancing the Cybersecurity of Federal Information and Assets through CSIP

Transcription:

Cybersecurity program & best practices How Gogo Business Aviation secures its airborne networks and inflight internet systems Live Webinar Thursday, September 28, 2017

Welcome & housekeeping notes Webinar covering how we secure our airborne networks and inflight internet systems Want to ask a question? All phones are muted during the webinar To ask a question, use the chat function on the lower left side of your screen Q & A at end of the webinar

Today s presenters Brett Bradshaw VP & Chief Information Security Officer Gogo Corporate Doug Young VP, Software Architecture Gogo Business Aviation Matt Kocsis Software Engineering Manager Gogo Business Aviation

IMPORTANCE OF CYBERSECURITY TO BUSINESS AVIATION 7

Cybersecurity and the aviation industry Ensuring Cybersecurity drives Shareholder Value Being secure enhances Gogo s brand reputation by preventing information breaches Providing security protects customers and puts them first Building security proactively instead of reactively allows Gogo to stay ahead Cybersecurity direction is provided by the Board of Directors and Senior Leadership Being serious about cyber before events occur ensures Gogo is prepared 8

Gogo Business Aviation and its airborne network Clear standards at all stages of development and delivery Leverage state-of-the-art enterprise networking design Continuous monitoring and analysis to identify potential risks Partner with FAA and other aviation stakeholders to lead in defining best practices 9

OUR NETWORK COMPARED TO OTHER PUBLIC WI-FI NETWORKS 10

Connecting at home, work or other network 11

Connecting to Gogo airborne network 12

SECURED AIRBORNE NETWORK 13

14

On-board aircraft equipment isolation Open 802.11 and secure 802.11 wireless standards via WPA2 Gogo-supplied router prevents aircraft system intrusion Set up for listen only mode to aircraft broadcasts Other aircraft system components not accessible through Wi-Fi clients 15

Onboard inflight connectivity domains Three domains: Aircraft control, airline information services, and passenger information services Airborne router: Only passenger and flight crew devices (EFB, mobile, telephony) connect directly to router Read only access to aircraft DCU Aircraft DCU (READ ONLY) Airborne router Flight crew EFB and mobile devices Passenger personal devices and telephony

Secured air-to-ground network communications Data transfer between aircraft, ground stations and Gogo data center Use of licensed spectrum with proprietary link encapsulation Sound network design: Linux firewall protection Terrestrial network with two stateful firewalls, plus security measures Multiple data centers 17

CYBERSECURITY BEST PRACTICES 18

Gogo Network Operations Center (NOC) Continuous monitoring and support of airborne network: 24/7/365 Tier 1 & Tier 2 support Staff of data systems, wireless and IP support analysts Access-controlled environment for assured security Ability to quickly identify and respond to potential threats 19

Gogo cybersecurity best practices Monthly system vulnerability assessments Routine penetration tests and firewall analysis Firewall audits Awareness training: general security and secure coding FAA cybersecurity guidelines Compliance certifications Security policies Event log monitoring Endpoint security Privileged user access reviews Risk assessments 20

ONLINE BEHAVIOR BEST PRACTICES 21

When you connect in flight: Use: VPN when connected to the network Adblocker to protect from malicious ads An endpoint protection service Two factor authentication A password manager to store passwords A privacy screen Other considerations: Refrain from accessing sensitive sites or materials 22

WHAT S NEXT? 23

Future cybersecurity initiatives Cybersecurity is a journey, not a destination Pioneer comprehensive security posture across business aviation Continue to work closely with FAA and other aviation stakeholders 24

Our mission Give our customers the security and knowledge they need to trust Gogo Business Aviation with their personal and business lives online and in the air. 25

Downloadable solutions brief Available resource: business.gogoair.com/airborne-security-summary 26

Thanks for attending! Q & A 27

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback