CYBER SECURITY AIR TRANSPORT IT SUMMIT SHARING GOOD PRACTICES VIVIEN EBERHARDT, SITA CYBER SECURITY
CYBER SECURITY AIR TRANSPORT IT SUMMIT SHARING GOOD PRACTICES VIVIEN EBERHARDT, SITA CYBER SECURITY
CYBER SECURITY AIR TRANSPORT IT SUMMIT SHARING GOOD PRACTICES VIVIEN EBERHARDT, SITA CYBER SECURITY
SITA Cybersecurity SITA 2017 CYBER SECURITY IS THE #1 CHALLENGE FOR OUR INDUSTRY 81% of large companies have reported a breach 63% of airports consider sophisticated attacks a significant threat 77% of airlines consider cyber security at board level 72% of CIOs are investing in major cyber security projects
WHERE YOU DON T WANT TO BE... IDEALLY SITA Cybersecurity SITA 2017
SITA Cybersecurity SITA 2017 AVIATION CYBER THREATS LANDSCAPE Threats Risks Business Impacts HACKTIVISTS Information disclosure, disruption, reputation TECHNOLOGY Digital and Smart Legacy Systems Inventory and Patching New cyber weapons COMPLIANCE CRIMINALS Loyalty Programs, fraud, ransomware... + PEOPLE Human vector Shortage of expertise REPUTATION STATE & COMPANY DESTABILIZATION REGULATION FINANCIAL Espionage, service disruption, assets destruction Data Privacy, Aviation Industry, Critical Infrastructures
SITA Cybersecurity SITA 2017 TECHNOLOGY RISKS > BUSINESS IMPACT CISO, CIO Board, CEO, CMO, CRO, CFO... Confidentiality Reputation DATA & INFORMATION SYSTEMS Integrity Availability AVIATION CYBER SECURITY RESILIENCE Financial Resilience PEOPLE & ENVIRONMENT Technology Risks Business Impact
AVIATION EXECUTIVES CONCERNS SITA Cybersecurity SITA 2017 CISO, CIO Board, CEO, CMO, CRO, CFO Is is possible for a threat actor to put down an aircraft? Can you help to protect my reputation and safety? We need a Security Operations Centre to be compliant to regulation, could you help? Could you test the effectiveness of my incident detection? We need to assess our Security Program and Strategy. Could you add us to your Cyber Threat Intelligence community service? CONCERNS FOR CYBER RISKS I am facing a cyber crisis, could you send your experts now? How do I stop hackers from stealing my customers miles? Could you help us understanding the ATI specific threats & risks? How do I compare to others? Could you help me with GDPR or other regulations (NIS, PCI DSS, CNI, BSI...) Business Drivers Regulatory Compliance Avoid Damaged Reputation Avoid Regulatory Fines Cyber Risk Insurance
SITA Cybersecurity SITA 2017 AVIATION CYBERSECURITY FRAMEWORK Identify aviation cyber risks Develop the institutional understanding to manage cybersecurity risk to systems, assets, data, and capabilities AVIATION CYBER SECURITY RESILIENCE Protect Aviation critical assets Risk mitigation controls and safeguard tailored to the Air Transport context and constraints. React for business safeguard Mitigate potential business impacts of an incident or eventually a crisis. Detect Industry specific attacks Tailored detection solutions and scenario to the aviation sector. Source: SITA Analysis
SITA Cybersecurity SITA 2017 SITA CYBER SECURITY SERVICES IDENTIFY THE CYBER THREAT o o o Risk, Compliance and Maturity Assessment. Cyber Security Program. Vulnerability Assessment and Penetration Testing. REACT TO CYBER ATTACKS SITA CYBER SECURITY PORTFOLIO PROTECT COMPANY ASSETS o Perimeter, End Point, Data. o Identity and Access. o Cloud Security o Awareness & Training. DETECTION OF CYBER ATTACKS o o o Incident Response. Crisis Management. Compromise Assessment. o o o Aviation Security Operations Centre (SOC). Industrial Control Systems Monitoring. Contextual Threat Intelligence.
SITA Cybersecurity SITA 2017 FOCUS : TYPICAL AVIATION CYBER SECURITY PROGRAM IDENTIFY PROTECT DETECT REACT EXECUTIVE LEVEL AWARENESS RESOURCES & FUNDING TARGET OPERATING MODEL Maturity Assessment Benchmarking RISK ASSESSMENT REGULATORY COMPLIANCE Cybersecurity Strategy Target Model Definition Cybersecurity Transformation Program Risk Appetite Managed Security Services Mitigation Measures IT /OT security governance Users and third party Information security policies Communication & awareness User account & rights management Information system hardening Servers administration & operations Network partitioning Integration of security in project Security Operations Center SIEM Security Information Management Systems Monitoring & Reports Logging Policy Definition & Implementation Inform Stakeholders Business Continuity Cybersecurity Incident Process Cybersecurity Incident Classification Cybersecurity Readiness (People & Tools) Incident Response External Incident Response Team Compromise Assessment CONTINUOUS IMPROVEMENT (IDENTIFY PROTECT DETECT REACT)
SITA Cybersecurity SITA 2017 AIRPORT USE CASE CYBER MATURITY ASSESSMENT 1. BUSINESS RISKS 2. BUSINESS PROCESSES 3. TECHNOLOGY ASSETS 4. CYBER RISK ASSESSMENT Identify and assess business risks relevant to your transformation program Review impacted business activities, processes and controls Identify critical IT assets supporting these business processes > vulnerabilities? Identify potential threats, assess cyber risks Program / Acquisition Strategy Compliance / Regulatory Baggage Management Managing Passengers & Visitors Concessionaires Products & Services LEGACY SYSTEMS ICS / OPERATIONAL TECHNOLOGY Hacktivists Regulations Threats Insiders Criminals Nation-state Technology Reputational Financial Safety Air Traffic Management Maintenance Services Passenger Safety & Security CONNECTED OBJECTS / IOT KIOSKS & SELF- SERVICE DEVICES Cyber Risks Legal Operational Cargo & Freight Services Aircraft Rescue & Firefighting APPLICATIONS AND SERVICES Aeronautical Services Infrastructure Rental Services NETWORK & INFRASTRUCTURE
AIRLINE CYBER SECURITY PROGRAM FOR AIRCRAFT USE CASE IDENTIFY PLANNING IMPLEMENTATION AIRCRAFT SYSTEMS AIRCRAFT OPERATIONAL ENVIRONMENT Threat Intelligence Vulnerabilities Policy Deviations Recent Incidents Internal Risks ICAO EASA A-ISACA OTHERS RISK ASSESSMENT COMPLIANCE MANDATES IFE/IFC ACARS GROUND INFRA MAINTENANCE SATCOM FMS External CURRENT STATE (AS-IS) Maturity Assessment FUTURE STATE (TO-BE) Risk and security management Security assessments Incident response Cyber Intelligence Security monitoring of air and ground assets Cyber security trainings for crews and IT personnel Monitoring & Response - Incident response processes - Crisis management - PR Crew & IT Training - Monitoring and response services operation - Increased cyber security awareness Remediation - Fix - Security Controls - Report /PR - Media monitoring RISK COMPLIANCE & ASSESSMENT DEFINE TRANSFORMATION SCOPE ESTABLISH DELIVERY STRATEGY OPERATIONALIZE Business driver : reputation / SAFETY IS NOT AT STAKE!! SITA Cybersecurity SITA 2017
You have shared with us your top 10 security AVIATION requirements CYBER to have SECURITY efficient solutions : GOOD PRACTICES OBSERVED SITA Cybersecurity SITA 2017 1 Raise awareness with company board 2 Risk-based, top-down approach 3 Perform cyber maturity assessment 4 Prepare for real attacks to lower impact and cost 5 Update Processes, Tools, train people, measure 6 Perform distributed cyber risk assessments of suppliers 7 Adopt industry cybersecurity and data protection standards SITA Cyber Security 8 Engage with peers, share and receive cyber intelligence
Industry Collaboration Cyber Threat Intel. SITA Cybersecurity SITA 2017 THREATS SHARING : SITA COMMUNITY VALUE Foster increased collaboration for: collective defense to facilitate industry responses and mitigation of risks disruption to business Support sharing of actionable security info. on emerging threats, vulnerabilities and techniques to: support their security management and risk mitigation activities
CCTC SHARING PLATFORM SITA Cybersecurity SITA 2017
SITA Cybersecurity SITA 2017
THANK YOU VIVIEN.EBERHARDT@SITA.AERO SITA Cybersecurity SITA 2017