Board of Airline Representatives In the Netherlands

<< Back to publications index

IATA launches cybersecurity toolkit for air transport industry

ATW Online by Karen Walker 28 Oct.14

IATA has launched a set of tools that airlines, airports and air traffic management organizations can use to help identify, assess and reduce their chances of a cyber attack.

The Aviation Cyber Security Toolkit was announced Tuesday at the IATA AVSEC World aviation security conference in Washington DC.

“The aviation industry depends on essential IT infrastructure functioning reliably. While the industry has put in place best practices to protect its IT infrastructure, the threat is ever-evolving. The Aviation Cyber Security Toolkit provides guidance to help airlines and their partners stay one step ahead of those with intent to do harm through cyber-attacks,” IATA global director of aviation security Carolina Ramirez said.

The toolkit provides a detailed analysis of the current cyber threats and helps airlines and aviation security stakeholders identify ways to protect their critical IT infrastructures. These include reservation systems, departure control, aircraft maintenance, crew planning and flight management as well as technologies for electronic flight bags, e-enablement of aircraft and air traffic management. The toolkit also includes practical guidance materials and videos.

IATA has also joined with ICAO and others via the Industry High Level Group to coordinate cybersecurity activities and provide a common framework for the industry.

“We have not had the cyber equivalent of a printer cartridge plot, but we are not waiting for one to occur before moving forward. Aviation relies on computer systems extensively in ground and flight operations and air traffic management, and we know we are a target,” IATA CEO and DG Tony Tyler said.

“It is vital that government and industry embrace collaboration to understand and identify any threats and devise strategies to combat them. We cannot afford information silos. Regulations should be outcome-focused, not prescriptive. This is a fast-evolving threat that simply cannot be addressed with static, one-size-fits-all solutions.”