In this blog, Kevin Sawyer – Aviation Security lead for CAA International, explores the practical tools available for those looking to measure, assess and improve the security culture within their organisations.
Stuart Coates6th July 2021
As innovation and technological advancement in the aviation sector increases, so does our reliance on the information systems that support them. This reliance means that the range and impact of potential cyber threats have become more diverse.
Our cyber security experts have led the international efforts to develop a proportionate and effective approach to cyber security oversight that enables aviation to manage cyber security risks without compromising aviation safety, security or resilience.
With cyber security increasingly becoming a critical part of safety and security operations and regulations, we can support States in developing a regulatory framework and dynamic oversight programme to meet all domestic, European and international aviation cyber security regulatory obligations, helping States mitigate potential risks to cyber security.
Cyber Security in Aviation Assistance
Cyber Security Oversight System
As authors of the UK’s cyber security oversight system, we can work with the National Aviation Authorities (NAAs) to provide comprehensive and targeted advice on cyber security oversight.
Using our unique six steps approach that includes; engagement, critical systems scoping, cyber self-assessment for aviation, cyber audit, provisional statement of assurance and financial statement of assurance and certificate of compliance, we can help NAAs to achieve:
- A proportionate and effective regulatory framework leading to a resilient cyber aviation system that mitigates risks of cyber security incidents.
- An aviation system that benefits from the advantages of interconnected communications and services.
- Mechanisms that promote sharing of aviation cyber security knowledge, skills and capability.
- A common understanding between all aviation stakeholders of cyber threats, vulnerabilities, and risks, supported by accepted standards, advice and guidance.
Cyber Security Regulatory Framework
We can work with NAAs, helping them develop cyber security regulatory framework that meets the authority’s regulatory requirements and is compliant with international standards.
Our team of cyber security specialists work with the NAAs to understand their specific needs to design cyber security regulatory framework that:
- Defines NAA’s responsibilities for cyber security under existing domestic and international regulations.
- Provides a process for continuous reviews of new cyber standards, assurance and cyber management activities for in-scope aviation entities.
- Reflects how these standards, assurance and cyber management activities align to legal obligations specified in strategic priority and where gaps exist.
- Identifies key structural cyber vulnerabilities in the aviation system.
- Promotes the relationship with the industry to gain information from the real-world.
- Is integrated with other regulatory regimes including Safety Management System (SMS), Performance-Based Oversight (PBO) and the Regulatory Safety Management System (RSMS).
- Defines training requirements and compliance monitoring activities.
Aviation Security Training
We have developed aviation security training to help aviation professionals manage aviation security risks and achieve a safer and secure aviation industry.
Cyber Security Oversight in Aviation
Provides in depth knowledge into the cyber security oversight process developed by the UK CAA.
Security Management Systems
Explores the fundamentals of how to develop and maintain an effective Security Management System concept developed by the UK CAA.
Managing Insider Risks
Provides delegates with an understanding of the potential threat posed by insider activity and how to manage insider-related vulnerabilities.
Introduction to Security Culture
Explores what a security culture is, what the benefits of a security culture are and how it can be embedded.
Threat Image Projection – Implementation and Analysis
Provides an overview of the threats posed to aviation security and how TIP regulatory requirements are addressing these.
Related Projects
We have provided cyber security advice to organisations right across the globe, unlocking tangible aviation benefits on the local and national level.
Speak to our security team today
Kevin has 18 years of experience working in regulatory roles in the transport sector. Kevin has been working for the UK CAA since 2014, primarily in Aviation Security regulation but also in General Aviation and most recently as aviation security lead in CAAi. Prior to joining the UK CAA, Kevin spent 12 years with the Department for Transport in a variety of security-related roles ranging from compliance, policy, strategy and head of personnel security and vetting.
Kevin has significant experience of working on a number of high-profile security events and policies both domestically and internationally with a focus on risk management.
Kevin has an MSc in Risk, Crisis and Disaster Management.
Kevin has significant experience of working on a number of high-profile security events and policies both domestically and internationally with a focus on risk management.
Kevin has an MSc in Risk, Crisis and Disaster Management.
Kevin.Sawyer@caa.co.uk
Aviation Security Insights
Browse our latest publications, blogs and project updates on aviation security regulation.
It is no surprise that the global COVID-19 pandemic has posed unprecedented challenges to global industries, and the air transport sector is with no exception. With borders closed, national lockdowns and a slump in…
Zuzana Kralova17th February 2021
“Culture eats strategy for breakfast” is the often-cited refrain attributed to management consultant and writer Peter Drucker. What Drucker and many others have observed is that without the buy-in and commitment of an organisation’s…
Zuzana Kralova6th January 2021
VGFncyUzQSUyMCU1QnNob3dfcG9zdF9jYXRlZ29yaWVzJTIwc2hvdyUzRCUyMnRhZyUyMiUyMGh5cGVybGluayUzRCUyMnllcyUyMiU1RA== In 1996, the United Nations (UN) declared the 7th December as International Civil Aviation Day. The day has been celebrated by the International Civil Aviation Organisation and the global aviation community since to…
Zuzana Kralova7th December 2020
Kirsty Wells, SeMS Programme Lead, and Nina Smith, Head of Training and Human Factors at the Civil Aviation Authority (CAA), discuss the move towards Performance Based Oversight and how SeMS is the stepping stone…
Stuart Coates14th September 2020
