Aviation Cybersecurity Oversight

3-day course | Classroom & In-company delivery
4-day course | Virtual (5 hour daily sessions)
  • Interpret the 6 steps of the UK CAA’s Cybersecurity Oversight Process for Aviation
  • Learn to conduct a critical systems scoping exercise
  • Explore the synergies between SMS and SeMS
Next available course
Start Date Venue Cost Availability Book
18/09/2023 Online £1,092.00 More than 5 places Book
View all dates In-Company Info

Course overview

What is Cybersecurity Oversight?

Cybersecurity risk profiles are dynamic, meaning attackers are always looking to exploit vulnerabilities and can quickly develop new ways of breaching cyber defences. The aviation sector’s progressively interconnected systems require the sector to maintain an up-to-date awareness of both direct and indirect cybersecurity threats and hazards. The changing threat landscape therefore, encourages a proactive approach to cybersecurity and in response means aviation organisations need dynamic protection.

In line with ICAO’s Aviation Cybersecurity Strategy and the corresponding Cybersecurity Action Plan, ICAO is partnering with the UK’s Civil Aviation Authority (CAA) to address cybersecurity oversight.

The course builds on UK CAA’s experience in developing and implementing its cybersecurity oversight framework to ensure a proportionate and effective approach to cybersecurity oversight that enables aviation to manage their cybersecurity risks without compromising aviation safety, security, or resilience.

Course Overview

Aviation regulations increasingly include cybersecurity requirements and the aviation sector needs to demonstrate compliance with them. This ICAO TRAINAIR Plus course provides in-depth knowledge and insight into the cybersecurity regulations and how the oversight process developed by the UK CAA is one model that could be used to cover them.

The course provides practical examples and application of this material which can be taken away with you. This course is not a cybersecurity training course and will not provide general cybersecurity awareness or training.

Who should attend?

This course is suitable for individuals in any role responsible for managing or implementing cybersecurity / Information Security, Compliance Managers or other regulators implementing cybersecurity oversight.

Key topics

This training course will include the following topics:

  • ICAO Annex 17
  • Aviation Cybersecurity regulatory requirements and threat landscape
  • Cybersecurity Oversight Process for Aviation (CAP1753)
  • Cybersecurity Strategy

Course objectives

By the end of this course, learners will be able to:

  • Describe the relevant aviation cybersecurity regulatory requirements applicable to the aviation sector internationally and nationally, as well as explain how Risk Based Oversight (RBO) and Performance Based Oversight (PBO) can be utilised.
  • Understand and interpret the 6 steps that form the UK CAA’s Cybersecurity Oversight Process for Aviation (CAP1753), as one model for cybersecurity oversight.
  • Understand the importance of identifying a scope and how to conduct a critical systems scoping exercise.
  • Measure an organisation against the 14 principles of cybersecurity good practices, identify a variety of standards which are available to use (e.g., NIST, ISO27K standards), and understand how the UK’s Cyber Assessment Framework for Aviation could be used to support this.
  • Prepare and consolidate the evidence required for a Cyber Audit and requirements around levels of assurance.
  • Understand how to collate self-assessments, conduct audits and  create  Corrective Action Plans.
  • Understand the synergies between Safety Management System (SMS) and Security Management System (SeMS), as well as the possible options for implementing an Information Security Management Framework using the documentation produced from self-assessment, audit, and corrective actions plans.
  • Understand as a regulator or NAA, how to set a required level of cybersecurity and considerations on how to assess cybersecurity submissions from overseen entities.


You should be a stakeholder for cybersecurity within your organisation, you might be responsible for cybersecurity or for its oversight.

Delivery Methods: Classroom and Virtual

This course can delivered virtually or in-company.

Browse the table below to select your preferred date, delivery method and location (classroom only). If you can not find your preferred form of delivery and date, please contact us.

Course type:

  • Web = Virtual online delivery using WebEx video conferencing. We have applied a 5% discount to all our virtual course deliveries. Unless stated otherwise, our virtual courses are streamed live, starting at 09:00 am (UK time).
  • Class = A face-to-face classroom course delivered in the location listed in the “venue” column. In light of COVID-19, please check your eligibility and our COVID-19 measures.
Review of course
Related courses
Security Management SystemsMore
Introduction to Security CultureMore
Accountable Manager - SeMSMore
In-company delivery?

We can also tailor this training courses to suit an organisation’s individual training requirements. These bespoke training packages can be delivered in the UK or at a client’s international location. Contact us for more information.

Course Type Course Name Start Date End Date Venue Cost Availability Book
Web Aviation Cybersecurity Oversight (Virtual) 18/09/2023 21/09/2023 Online £1,092.00 More than 5 places Book

Meet our instructors: ICAO Aviation Cybersecurity Strategy

Meet our instructors: ICAO Aviation Cybersecurity Strategy

Sabrina Brookfield

Sabrina Brookfield

Cyber Security Oversight in Aviation

Sabrina is the Policy Lead for Cyber Security in the UK CAA. She is responsible for cyber aviation policy feeding into regulatory cyber security oversight in the UK, ensuring there is a proportionate and effective approach that enables aviation to manage cyber security risks without compromising aviation safety, security or resilience. Sabrina has previously worked in the finance sector in various roles such as risk, threat intelligence and liaison officer. She holds CISSP (Certified Information Systems Security Professional) and ISO27001 Lead Auditor. She also has a Bachelor of Science in Computer Science with Business.

Customer reviews

Our open access courses cover all of aviation’s safety regulatory disciplines
Browse all our courses
Follow CAAi
Share this page
UK Locations
Our Mailing Address Aviation House Gatwick Airport South West Sussex RH6 0YR T: +44 (0) 330 0224401 Our Registered Address Aviation House Beehive Ring Road Crawley West Sussex RH6 0YR
Malaysia Location
Malaysian Aviation Academy Department of Civil Aviation Jalan Pekeliling 2, 64050 Sepang Selangor, Malaysia T: +603 8777 9011
View shopping cart
Copy link
Powered by Social Snap