Panasonic Avionics latest “Up” blog entry looks at the threat of cybersecurity breaches, saying 85% of airline CEOS are concerned about the risk.
The blog says that according to a recent report by PricewaterhouseCoopers, this figure is a full 24% higher than CEOs in other industries.
It attributes this to concerns over passenger safety as well as the data and financial implications over a cyber-attack.
Hugo Teso, Head of Aviation Cybersecurity Services at F-Secure, said: “No airplane will be hijacked or taken over by cybersecurity-related means any time soon; OEMs, regulators and manufacturers take care of that even before a new aircraft is designed.
“Instead, it’s an airline’s brand and business continuity that are threatened by cybersecurity [breaches], and operators are the ones responsible for protecting their fleets against any risk.”
There are also legislative implications surrounding cyber breaches. The EU directive on the security of Networks and Information Systems, known as the NIS Directive, aims to raise the overall security and resilience of network and information systems across the EU.
The deadline for EU member states to bring the directive into domestic legislation is 9 May 2018 – and there are big financial penalties for companies who fall foul of the law.
Speaking to “Get Connected’s” Steve Nichols at the 2017 Apex EXPO in Long Beach, Alex Cowan, CEO of RazorSecure, said: “The fines for companies that don’t follow the NIS Directive can be huge. They could be up to four percent of a company’s worldwide revenue.”
“A minor data breach could cost them a fine of up to two percent of worldwide revenue, and this could be as simple as a breach that they didn’t report in the required 72 hours.
“Passive detection of data breaches doesn’t go far enough. Airlines need a system that continuously monitors how inflight Wi-Fi networks are being used and detects and corrects problems immediately,” Cowan said.