Smart airports are possible, with good security – such as fast and hassle-free passenger screening – but airports also run the risk of cyber-threats to safety, according to a report by the European Union’s cyber security agency.
European Union Agency for Network and Information Security (ENISA)’s report ‘Securing Smart Airports‘ provides a guide for airport decision makers to implement available good practices to secure passengers and operations. This study also identifies gaps such as disparity of cyber security practices and lack of awareness and skills. The study aims to support airport decision makers and information security professionals in their security efforts and risk management.
Eight recommendations for enhancing the security and resilience of smart airports in Europe are presented in the report, tailored specifically towards decision makers, airport operators and industry. Recommendations include:
– Prioritising cyber security for safety;
– Establishing a clear airport cyber security posture and allocating cybersecurity experts and resources;
– Constant revision of cyber security policies and practices based on good practices monitoring; and
– Implementing network-based, holistic risk and threat management policies and processes for cyber security
Prof Udo Helmbrecht, Executive Director of Crete-based ENISA, said: “Integrating IoT on the existing airport infrastructure brings new security challenges. To ensure safety, operators need to incorporate cybersecurity in all stages of the security life cycle.”
ENISA defines smart airports as those airports making use of integrated Internet of Things (IoT) components to bring added-value services. By integrating smart components, airports are exposed to a larger attack surface and new attack vectors, the agency says. As such, airports need to guarantee everyday higher levels of cyber security due to the potential impact that cyber-attacks and disruptions can have on the safety of passengers and operators. Increasing awareness on cyber security risks and improving the security and resilience of the entire lifecycle of airport operations is now a priority, ENISA adds.
You can download the document at https://www.enisa.europa.eu/publications/securing-smart-airports. The study is aimed at Chief Information Security Officers (CISOs), Chief Information Officers (CIOs), IT directors, and heads of operations in charge of information security.
