Comprehensive Airport Cybersecurity Quick Guide and Assessment Tool

Slide Note
Embed
Share

This project by the National Safe Skies Alliance aims to provide airports with a comprehensive Cybersecurity Quick Guide and Assessment Tool. The guide helps airport managers understand and address cybersecurity issues while the assessment tool evaluates the maturity of their cybersecurity efforts. By incorporating NIST cybersecurity concepts and interviewing airport staff, the project offers recommendations and best practices to enhance airport security against cyber threats, tailored for airports of all sizes. Airport cybersecurity is crucial due to the increased frequency of cyber attacks targeting aviation systems.

emmitt
emmitt Follow

Uploaded on Jul 29, 2024 | 0 Views

Download Presentation

Please find below an Image/Link to download the presentation.

The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author. Download presentation by click this link. If you encounter any issues during the download, it is possible that the publisher has removed the file from their server.

E N D

Presentation Transcript

  1. AIRPORT CYBERSECURITY QUICK GUIDE AND ASSESSMENT TOOL National Safe Skies Alliance, Inc. Program for Applied Research in Airport Security (PARAS) 0007 Presented by: Synergy Solutions, Inc.

  2. PURPOSE OF THE PROJECT PARAS 0007 Quick Guide for Airport Cybersecurity: Twofold purpose Produce Cybersecurity Quick Guide document to help airport managers understand and address cybersecurity issues Develop and implement an easy-to-use tool to help airports of any size determine their level of risk to cyber attack and evaluate the maturity of their current cybersecurity efforts 2

  3. PURPOSE OF THE PROJECT continued Cybersecurity Quick Guide Discusses cybersecurity concepts in the context of the National Institute of Standards and Technology (NIST) Cybersecurity Framework Contains specific questions for airport CEOs/Directors to ask their staff members Explains how the Cybersecurity Assessment Tool works Gives cybersecurity best practices 3

  4. PURPOSE OF THE PROJECT continued Assessment Tool Designed to be run on common systems found at almost any airport Targets airport management teams with help from IT and cybersecurity staff Produces ratings for the airports cybersecurity program as well as suggested steps to improve in specific areas 4

  5. PROJECT METHODOLOGY AND APPROACH The project attempted to incorporate existing best practices and programs Included interviews with staff and management at large and small airports Reviewed existing regulatory requirements as well as recent cybersecurity incidents involving airports Vetted by a variety of airports for their comments and suggestions 5

  6. WHY AIRPORT CYBERSECURITY? Airports are a prime target of cybercriminals, hacktivists, and nation-state actors As in the business community, small and medium-sized airports may struggle to adequately protect the networks used to operate and manage the airport and serve passengers In 2016, an official of the European Aviation Safety Agency stated that aviation systems were being attacked on average over 1,000 times per month. 6

  7. MOTIVATIONS OF CYBERCRIMINALS Monetary gain Espionage and cyberwar Media attention Promotion of a viewpoint or cause (e.g., immigration or environmental issues, US or local politics, current events, etc.) Entertainment/social inclusion 7

  8. IMPACT TO MY AIRPORT Phishing attacks against airport personnel resulting in information theft or network penetration Defacement or service interruption to airport websites Ransomware attacks encrypting airport files and data Theft of sensitive airport documents or emails Theft of credit and debit card information from passengers and other visitors 8

  9. IMPACT TO MY AIRPORT continued Release of airport executive s personal information, such as home address, email address, family member information, and phone numbers (known as doxing ) Baggage systems disruption Attacks on airport electronic signage Disruption of airport HVAC systems or other network accessible systems Attempts to disrupt airport physical security systems 9

  10. RECENT CYBERATTACKS ON AIRPORTS In January 2016, the network at the airport in Kiev, Ukraine was penetrated by an attack that appeared to originate in Russia In March 2016, an 18-year old in Pittsburgh attempted to take down the Brussels airport website and penetrate the airport network. In July 2016, hackers from China attacked two of Vietnam s largest airports, as well as the website of the Vietnamese airline In March 2017, an attack was conducted against Schiphol Airport in Amsterdam by Turkish hacktivists as part of a disagreement between Turkey and the Netherlands. 10

  11. ORGANIZATION OF QUICK GUIDE DOCUMENT Section 1 Introduction Section 2 For the Airport Executive Section 3 Cybersecurity Basics and NIST Cybersecurity Framework Section 4 Risk Assessment Tool Section 5 Cybersecurity Best Practices 11

  12. ORGANIZATION OF ASSESSMENT TOOL 12

  13. ORGANIZATION OF RISK PROFILE SECTION INHERENT RISK PROFILE Inherent Risk Profile Input Airport Profile Begin Services Inherent Risk Profile assessment Inherent Risk Results Technology Environment Governance Reset Inherent Risk Results 13

  14. AIRPORT INHERENT RISK ASSESSMENT 14

  15. RISK ASSESSMENT REPORTING 15

  16. ORGANIZATION OF CYBERSECURITY PROGRAM MATURITY SECTION 16

  17. CYBERSECURITY PROGRAM MATURITY ASSESSMENT 17

  18. CYBERSECURITY PROGRAM MATURITY ASSESSMENT 18

  19. GLOSSARY OF CYBERSECURITY TERMS 19

  20. PROGRAM MATURITY REPORTING 20

  21. RECOMMENDATIONS FOR IMPROVEMENT 21

  22. USING QUICK GUIDE DOCUMENT & TOOL Read the Quick Guide and familiarize yourself with the Assessment Tool Airport CEO/Director material in Section 2 and Appendixes C & E of the Quick Guide will help senior executives focus their questions Assessment tool is designed for airport operations and IT team to complete, not executives 22

  23. USING QUICK GUIDE DOCUMENT & TOOL continued Spend some time up front to gather data to make filling out the tool quicker and easier The exact process is up to you Divide the tool into sections and have appropriate staffers complete them Designate one or two people to gather data and complete the tool Complete tool as a group effort of several IT, IT security, and airport operations experts Use the tool reporting and materials in the Guide document as basis for a hard look at your own cybersecurity risk and program 23

  24. WRAP UP Quick Guide and Cybersecurity Assessment tool were developed to be applicable to airports of all sizes Quick Guide provides cybersecurity program basics, specifics for airport CEO/Directors, and detailed instructions for using the tool Cybersecurity Assessment tool allows a small team of airport staff members to quickly develop profiles of the airport s cybersecurity risk and the state of its cybersecurity program 24

Related


Cybersecurity Career Path Overview

Cybersecurity Career Path Overview

rusty
Ensuring Business Security: Cybersecurity Webinar Insights

Ensuring Business Security: Cybersecurity Webinar Insights

amelia
Establishing Safety Standards in Non-Movement Areas at Smith Reynolds Airport

Establishing Safety Standards in Non-Movement Areas at Smith Reynolds Airport

siennarose
Identify the Different Components of an Airport

Identify the Different Components of an Airport

francesco
Insights on Airport Grants and FAA Capital Planning Process

Insights on Airport Grants and FAA Capital Planning Process

stephanie
Workshop on Cybersecurity Professionalism & Ethics

Workshop on Cybersecurity Professionalism & Ethics

acke_ddy
Fairbanks International Airport Police & Fire Department Information

Fairbanks International Airport Police & Fire Department Information

octavio
Organizational Review and Recommendations for Duluth Airport Authority

Organizational Review and Recommendations for Duluth Airport Authority

jonas
Airport Emergency Preparedness: Essential Guidelines for Managers and Sponsors

Airport Emergency Preparedness: Essential Guidelines for Managers and Sponsors

xochitl
Airport Drivers Training Program for Safety on the Airfield

Airport Drivers Training Program for Safety on the Airfield

junius
Fingal Organised Residents United Movement Forum Presentation on Aircraft Noise Regulation Bill 2018

Fingal Organised Residents United Movement Forum Presentation on Aircraft Noise Regulation Bill 2018

godric
Streamlining Procurement Processes at DFW Airport with Bonfire eProcurement Platform

Streamlining Procurement Processes at DFW Airport with Bonfire eProcurement Platform

madara
Friedman Memorial Airport Environmental Assessment & Land Use Compatibility Project Update

Friedman Memorial Airport Environmental Assessment & Land Use Compatibility Project Update

nabi_611
Cybersecurity and Supply Chain Risk Management: Best Practices for Procurement

Cybersecurity and Supply Chain Risk Management: Best Practices for Procurement

yousef
C2M2 Version 2.1 Cybersecurity Model Overview

C2M2 Version 2.1 Cybersecurity Model Overview

giana
Cybersecurity Risk Management in K-12 Education: Challenges and Strategies

Cybersecurity Risk Management in K-12 Education: Challenges and Strategies

betsy
Enhancing California's Election Cybersecurity Readiness

Enhancing California's Election Cybersecurity Readiness

mallory
Cybersecurity Expert Shiva V. Parasram - Profile and Advice

Cybersecurity Expert Shiva V. Parasram - Profile and Advice

deniz
Cybersecurity and Personal Finance: A Tale of Appily Ever After

Cybersecurity and Personal Finance: A Tale of Appily Ever After

elspeth
Empowering NNSA Cyber Professionals Through Enterprise Tools and Data Analytics

Empowering NNSA Cyber Professionals Through Enterprise Tools and Data Analytics

bloom
Adversarial Machine Learning in Cybersecurity: Challenges and Defenses

Adversarial Machine Learning in Cybersecurity: Challenges and Defenses

thirza
Which and How of Cybersecurity Frameworks

Which and How of Cybersecurity Frameworks

castor
Exploring Adversarial Machine Learning in Cybersecurity

Exploring Adversarial Machine Learning in Cybersecurity

bartholomew
Cybersecurity Tabletop Exercise Overview

Cybersecurity Tabletop Exercise Overview

rudi

More Related Content

Cybersecurity Entrepreneurship Workshop Highlights
Cybersecurity Entrepreneurship Workshop Highlights
Instrument human capital cybersecurity mkb bedrijven
Instrument human capital cybersecurity mkb bedrijven
Challenges in Cybersecurity Implementation: A Philippine Perspective
Challenges in Cybersecurity Implementation: A Philippine Perspective
Empowering Women in Cyber: CyberFirst Girls Competition
Empowering Women in Cyber: CyberFirst Girls Competition
Comprehensive Self-Evaluation Form for HCP - A Tool for Measurable Assessment
Comprehensive Self-Evaluation Form for HCP - A Tool for Measurable Assessment
REWIRE Cybersecurity Skills Alliance
REWIRE Cybersecurity Skills Alliance
CYBERSECURITY AWARENESS MONTH 2023
CYBERSECURITY AWARENESS MONTH 2023
Cybersecurity Risks for Remote CISTAR Facilities Study
Cybersecurity Risks for Remote CISTAR Facilities Study
Cybersecurity Industry Call for Innovation (CyberCall)
Cybersecurity Industry Call for Innovation (CyberCall)
Overview of DSW End Point Assessment Team Leader Level 3
Overview of DSW End Point Assessment Team Leader Level 3
Sheffield Early Help Assessment Form Update and Integration with Extended Support Plan
Sheffield Early Help Assessment Form Update and Integration with Extended Support Plan
Digital Agrifood Collective Commercial Viability Assessment Tool
Digital Agrifood Collective Commercial Viability Assessment Tool
Enhancing Language Learning Through Peer Assessment
Enhancing Language Learning Through Peer Assessment
Comprehensive Guide to Consultation Observation Tool (COT) in Primary Care Placements
Comprehensive Guide to Consultation Observation Tool (COT) in Primary Care Placements
Enhancing Cybersecurity with Bluedog VAPT Services
Enhancing Cybersecurity with Bluedog VAPT Services
Understanding the Carbon Scenario Tool for Climate Change Management
Understanding the Carbon Scenario Tool for Climate Change Management
FUNMOVES – A SCHOOL-BASED SCREENING TOOL OF FUNDAMENTAL MOVEMENT SKILLS
FUNMOVES – A SCHOOL-BASED SCREENING TOOL OF FUNDAMENTAL MOVEMENT SKILLS
Exploring the Components of an Airport: An Interactive Guide for STEM Activities
Exploring the Components of an Airport: An Interactive Guide for STEM Activities
CATS Independence Tool User Guide
CATS Independence Tool User Guide
Cybersecurity and Supply Chain Risk Management Best Practices
Cybersecurity and Supply Chain Risk Management Best Practices
Changes in Airfield Markings and Advisory Circulars for Airport Engineering
Changes in Airfield Markings and Advisory Circulars for Airport Engineering
Comprehensive Bug Hunting Toolkit for Cybersecurity Enthusiasts
Comprehensive Bug Hunting Toolkit for Cybersecurity Enthusiasts
Cleveland Airport System Environmental Analytical Services Pre-Qualification Meeting Overview
Cleveland Airport System Environmental Analytical Services Pre-Qualification Meeting Overview
Central European Steel Markets Regional Meeting 2017 at Courtyard by Marriott Warsaw Airport Hotel
Central European Steel Markets Regional Meeting 2017 at Courtyard by Marriott Warsaw Airport Hotel