Transportation Security Administration (TSA) is increasing their focus on cyber protections in airports and is therefore implementing new requirements. As heightened cyber threats target US critical infrastructure, both airlines and aircraft manufacturers are compelled to address cybersecurity weaknesses. New regulations are showing them the path forward.
As cybercrime becomes increasingly lucrative, the aviation industry is an attractive and highly visible target for hackers who now thrive in ecosystems of organized criminality. With the aim to prevent disruption and degradation to infrastructure, the TSA issued an emergency amendment to airports and aircraft operators’ security programs which requires entities to develop approved implementation plans to improve their cybersecurity resilience. Therefore, to reduce the risk of cyber-attacks and deter malicious groups, airlines and aircraft manufacturers are advised to train and test existing security programs, then leverage protocol and equipment to make necessary improvements.
The TSA new mandate requires airports be able to proactively assess the effectiveness of these measures, which include the following actions:
- Develop network segmentation policies and controls to ensure that operational technology systems can continue to safely operate in the event that an information technology system has been compromised, and vice versa;
- Create access control measures to secure and prevent unauthorized access to critical cyber systems;
- Implement continuous monitoring and detection policies and procedures to defend against, detect, and respond to cybersecurity threats and anomalies that affect critical cyber system operations; and
- Reduce the risk of exploitation of unpatched systems through the application of security patches and updates for operating systems, applications, drivers and firmware on critical cyber systems in a timely manner using a risk-based methodology.