As innovation and technological advancement in the aviation sector increases, so does our reliance on the information systems that support them. This reliance means that the range and impact of potential cyber threats have become more diverse.
Our cyber security experts have led the international efforts to develop a proportionate and effective approach to cyber security oversight that enables aviation to manage cyber security risks without compromising aviation safety, security or resilience.
With cyber security increasingly becoming a critical part of safety and security operations and regulations, we can support States in developing a regulatory framework and dynamic oversight programme to meet all domestic, European and international aviation cyber security regulatory obligations, helping States mitigate potential risks to cyber security.
Cyber Security in Aviation Assistance
Cyber Security Oversight System
As authors of the UK’s cyber security oversight system, we can work with the National Aviation Authorities (NAAs) to provide comprehensive and targeted advice on cyber security oversight.
Using our unique six steps approach that includes; engagement, critical systems scoping, cyber self-assessment for aviation, cyber audit, provisional statement of assurance and final statement of assurance and certificate of compliance, we can help NAAs to achieve:
- A proportionate and effective regulatory framework leading to a resilient cyber aviation system that mitigates risks of cyber security incidents.
- An aviation system that benefits from the advantages of interconnected communications and services.
- Mechanisms that promote sharing of aviation cyber security knowledge, skills and capability.
- A common understanding between all aviation stakeholders of cyber threats, vulnerabilities, and risks, supported by accepted standards, advice and guidance.
Cyber Security Regulatory Framework
We can work with NAAs, helping them develop cyber security regulatory framework that meets the authority’s regulatory requirements and is compliant with international standards.
Our team of cyber security specialists work with the NAAs to understand their specific needs to design cyber security regulatory framework that:
- Defines NAA’s responsibilities for cyber security under existing domestic and international regulations.
- Provides a process for continuous reviews of new cyber standards, assurance and cyber management activities for in-scope aviation entities.
- Reflects how these standards, assurance and cyber management activities align to legal obligations specified in strategic priority and where gaps exist.
- Identifies key structural cyber vulnerabilities in the aviation system.
- Promotes the relationship with the industry to gain information from the real-world.
- Is integrated with other regulatory regimes including Safety Management System (SMS), Performance-Based Oversight (PBO) and the Regulatory Safety Management System (RSMS).
- Defines training requirements and compliance monitoring activities.
Aviation Security Training
We have developed aviation security training to help aviation professionals manage aviation security risks and achieve a safer and secure aviation industry.
-
Cyber Security Oversight in Aviation
Provides in depth knowledge into the cyber security oversight process developed by the UK CAA.
-
Security Management Systems
Explores the fundamentals of how to develop and maintain an effective Security Management System concept developed by the UK CAA.
-
Managing Insider Risks
Provides delegates with an understanding of the potential threat posed by insider activity and how to manage insider-related vulnerabilities.
-
Introduction to Security Culture
Explores what a security culture is, what the benefits of a security culture are and how it can be embedded.
-
Threat Image Projection – Implementation and Analysis
Provides an overview of the threats posed to aviation security and how TIP regulatory requirements are addressing these.
Related Projects
We have provided cyber security advice to organisations right across the globe, unlocking tangible aviation benefits on the local and national level.
Speak to our security team today
Kevin has significant experience of working on a number of high-profile security events and policies both domestically and internationally with a focus on risk management.
Kevin has an MSc in Risk, Crisis and Disaster Management.
Kevin.Sawyer@caa.co.uk