Subscribe Free
in Features

How well is aerospace protected against the hack attack?

Posted 7 February 2011 · Add Comment

Aerospace and defence companies are at risk of attack – not necessarily on their people but on another valuable asset, their data. Dr Alastair MacWillson, global managing director of technology consulting firm Accenture's security practice, looks at the threats and at how IT security can fight off these attacks.

For more than two decades, businesses and governments worldwide have struggled to understand the nature and scale of the cyber threat facing them and to develop appropriate responses.

In many cases, the strategies adopted to manage and mitigate these risks have included heavy investment in information assurance. Despite this investment, the view of many professionals is that a persistent adversary will still get through most organisations’ defences.

The cyber threats faced by aerospace and defence companies – and the corresponding need for robust, high calibre cyber security – are rising faster than in most other industries, and arguably quicker than in any of them.

As the threat of cyber attacks has escalated in recent years, aerospace and defence companies have been in the front line. By the nature of what they do, many have long faced a requirement to comply with standards of cyber security set by government defence departments. With one or two high-profile exceptions, the industry appears to have performed quite well in protecting its critical data assets and systems.

However, appearance and reality in cyberspace can differ widely. It is quite possible for an organisation to suffer a damaging intrusion, or theft, without even realising it. With this in mind, Aerospace and defence companies need to continually ask two key questions:

• How well are our systems and data protected?

• How do we know they are as well protected as we think they are?

Our experience shows that, while most industry bosses can answer ‘yes’ to both questions, they are less confident on the second one.

Concerted on-going investment in cyber security systems and processes can help to achieve high levels of security, but does not guarantee it in itself.

The investment needs to be targeted and implemented in the right way and in the right areas, under a coherent, consistent and holistic strategy that takes into account all the related risks.

In Accenture’s view, there are four key reasons why cyber threats are escalating particularly quickly for Aerospace and defence companies:  

* The industry’s attackers are becoming ever more professional

It is many years since hackers progressed from being “script kids” to highly organised professional criminals. But while all organisations face this threat, Aerospace and defence companies rank alongside government departments as the organisations most likely to attract the attentions of well-resourced – and potentially government- or terrorist- funded – hacking groups.

Organised criminals looking to steal and sell intellectual property assets would also put aerospace and defence companies at or near the top of their targets.  

* Escalating innovation in workforce technologies

Within aerospace and defence companies, the growing usage of emerging technologies, such as Internet-based communication and collaboration via mobile handsets, is creating challenges for cyber security processes.

Many security architectures still in place today were designed in the pre-Internet era and, not surprisingly, are now struggling to keep pace with the risks. Furthermore, many of the entrants to today’s workforce are habitual users of online applications that are almost impossible to monitor and control – such as social networking sites – and regard access to these as a personal right rather than a privilege. Clearly, anyone accessing such services via a device holding sensitive corporate data is exposing the organisation to unwanted and unnecessary cyber risks.  

* The increasingly “elastic” aerospace and defence enterprise

Aerospace and defence companies are seeking to “do more with less” in IT and realise efficiency gains. In a globalized and interconnected world, these efforts inevitably include making increasing use of virtualisation, and sourcing a widening range of services from external suppliers – potentially including cloud-based providers and those based in lower-cost locations offshore.

A further effect of the drive to do more with less is to put pressure on budgets, including that allocated to IT security, creating further strains in cyber security initiatives.  

* The industry’s highly interdependent supply chain

One of aerospace and defence’s defining characteristics is the close integration and inter-reliance within the industry’s value chains, which often encompass a wide array of specialised activities carried out by various businesses in different countries.

Some companies are effectively “master integrators”, acting as central managers and co-ordinators of an industry supply network that extends a long way outside the enterprise.

In IT terms, the effect is to create composite systems that are operated and accessed across multiple organisations all along the supply chain. These composite systems’ vulnerability to cyber attack will be determined by the weakest link within the supply chain. So each organisation faces risks not just around the quality and effectiveness of its own cyber security, but of all the other participants in the supply chain as well.

It is an absolute imperative that aerospace and defence businesses make securing and maintaining high quality cyber security a top priority.

* required field

Post a comment

Other Stories
Advertisement
Latest News

TAV Airports revenue reached EUR 1.1 billion in 2017

TAV Airports Holding increased passengers served 10% and reached 115 million.

Double honours for Emirates Group Security and Transguard

Emirates Group Security and Transguard have cemented their industry leadership position by clinching two accolades at the 16th edition of the Sheikh Khalifa Excellence Awards (SKEA).

Algerian minister confirms bids submitted re cargo market tender

Algerian Minister of Public Works and Transport, Abdelghani Zaalane, has confirmed that four bids have been submitted to government regarding the proposed liberalisation of the country's air cargo market, reports ch-aviation.

Qatar Airways Airbus’ A350-1000 arrives in Doha

The largest A350 XWB customer has taken first delivery of Airbus’ largest version of the jetliner – the A350-1000.

RJ invites customers to choose new name for its Frequent Flyer programme

Royal Jordanian has invited its Jordanian fans, customers and frequent flyers to take part in renaming the airline’s loyalty programme, by submitting their suggestions through RJ’s social media channels.

Flydubai sees strong growth in revenues, record passengers and sustained profit

Flydubai has announced its full-year results for the year ending 31 December 2017.

SOFEX SK2018
See us at
Abu Dhabi AirExpo BT2018AirportShow BT1502090518SOFEX BT2018ArabianTravelMkBT250418Global Aerospace BT2018MEBAA BT2018Istanbul Airshow BT22018Aviation Africa BT18418BIAS BT271017161118