​​​​​​​With new aerospace Cybersecurity rules set to land - What’s the standard for operators?

July 3, 2023  |  Karoline Gore

The content of this post is solely the responsibility of the author.  AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article. 

Following a push for greater cybersecurity capability across the federal structure, new rules are on the way in the aerospace sector. According to the Washington Post, these rules will push liability on airport operators - even smaller enterprises - and demand sophisticated tracking and protection of flight data in the traffic control and data centers of airports nationally. With this push towards new rules and a greater level of security, there will inevitably be room for innovation and procurement of new technologies to fight malicious actors - but what tools will form this new foundation?

Building into the chain

Cybersecurity within the aerospace sector is not limited to just getting the planes off the ground. Indeed, it’s the steps leading up to flight, in the procurement supply chain, where expertise is most required. Fighting off cybersecurity threats effectively is about building resilience into every loop of that chain, and that can only be done so with an interest during every stage of the process.

Indeed, Aviation Week has noted a huge surge in cybersecurity attacks against the supply chain, with levels reaching 600% of the normal in 2023 so far. This extends into government procurement and the super-high security world of federal aviation. The new rules point towards greater responsibility being placed on suppliers from across the chain to take responsibility for their own section and ensure that their safeguards are up to date and using the latest technology.

Changing culture

There is a track record in federal aviation on how to change cultures. As The Register highlights, one pilot-turned-CISO noted how accepting a ‘just’ culture, in which mistakes are accepted, and reported, rather than ruthlessly punished, helped to make pilots better at their job and better at reporting errors. Removing the fear from the process, and having an open but secure system of cyberthreat reporting, will ensure that the culture will change and become more conducive towards fostering security. This is crucial - there must be a tightness over restricting cybersecurity challenges, but there must also be a permissiveness to make mistakes and learn from them.

Meeting future challenges

Cybersecurity faces challenges whenever technology shifts up a gear, and that’s set to happen once again. As the government highlights, electric aviation is on the way - for short haul at least - and that creates yet more flight risk. All modern aircraft are dependent on digital circuits, of course, but the more advanced the craft, the less contingency is built in to account for returning to mechanical means if those digital arrangements are compromised. Accordingly, there’s a lot of catchup for manufacturers to consider in order to meet the demands that electric aviation will present in its ultra-clean future.

In a word, the future of aviation cybersecurity is collaboration. Working with partners, pilots, technologists and planners to meet the challenge requires collaboration. In such a high-profile and high-stakes industry, it’s inarguable that any other approach will work as well.

Share this with others


Get price Free trial