Subscribe Free
in Features

How well is aerospace protected against the hack attack?

Posted 7 February 2011 · Add Comment

Aerospace and defence companies are at risk of attack not necessarily on their people but on another valuable asset, their data. Dr Alastair MacWillson, global managing director of technology consulting firm Accenture's security practice, looks at the threats and at how IT security can fight off these attacks.

For more than two decades, businesses and governments worldwide have struggled to understand the nature and scale of the cyber threat facing them and to develop appropriate responses.

In many cases, the strategies adopted to manage and mitigate these risks have included heavy investment in information assurance. Despite this investment, the view of many professionals is that a persistent adversary will still get through most organisations’ defences.

The cyber threats faced by aerospace and defence companies – and the corresponding need for robust, high calibre cyber security – are rising faster than in most other industries, and arguably quicker than in any of them.

As the threat of cyber attacks has escalated in recent years, aerospace and defence companies have been in the front line. By the nature of what they do, many have long faced a requirement to comply with standards of cyber security set by government defence departments. With one or two high-profile exceptions, the industry appears to have performed quite well in protecting its critical data assets and systems.

However, appearance and reality in cyberspace can differ widely. It is quite possible for an organisation to suffer a damaging intrusion, or theft, without even realising it. With this in mind, Aerospace and defence companies need to continually ask two key questions:

• How well are our systems and data protected?

• How do we know they are as well protected as we think they are?

Our experience shows that, while most industry bosses can answer ‘yes’ to both questions, they are less confident on the second one.

Concerted on-going investment in cyber security systems and processes can help to achieve high levels of security, but does not guarantee it in itself.

The investment needs to be targeted and implemented in the right way and in the right areas, under a coherent, consistent and holistic strategy that takes into account all the related risks.

In Accenture’s view, there are four key reasons why cyber threats are escalating particularly quickly for Aerospace and defence companies:  

* The industry’s attackers are becoming ever more professional

It is many years since hackers progressed from being “script kids” to highly organised professional criminals. But while all organisations face this threat, Aerospace and defence companies rank alongside government departments as the organisations most likely to attract the attentions of well-resourced – and potentially government- or terrorist- funded – hacking groups.

Organised criminals looking to steal and sell intellectual property assets would also put aerospace and defence companies at or near the top of their targets.  

* Escalating innovation in workforce technologies

Within aerospace and defence companies, the growing usage of emerging technologies, such as Internet-based communication and collaboration via mobile handsets, is creating challenges for cyber security processes.

Many security architectures still in place today were designed in the pre-Internet era and, not surprisingly, are now struggling to keep pace with the risks. Furthermore, many of the entrants to today’s workforce are habitual users of online applications that are almost impossible to monitor and control – such as social networking sites – and regard access to these as a personal right rather than a privilege. Clearly, anyone accessing such services via a device holding sensitive corporate data is exposing the organisation to unwanted and unnecessary cyber risks.  

* The increasingly “elastic” aerospace and defence enterprise

Aerospace and defence companies are seeking to “do more with less” in IT and realise efficiency gains. In a globalized and interconnected world, these efforts inevitably include making increasing use of virtualisation, and sourcing a widening range of services from external suppliers – potentially including cloud-based providers and those based in lower-cost locations offshore.

A further effect of the drive to do more with less is to put pressure on budgets, including that allocated to IT security, creating further strains in cyber security initiatives.  

* The industry’s highly interdependent supply chain

One of aerospace and defence’s defining characteristics is the close integration and inter-reliance within the industry’s value chains, which often encompass a wide array of specialised activities carried out by various businesses in different countries.

Some companies are effectively “master integrators”, acting as central managers and co-ordinators of an industry supply network that extends a long way outside the enterprise.

In IT terms, the effect is to create composite systems that are operated and accessed across multiple organisations all along the supply chain. These composite systems’ vulnerability to cyber attack will be determined by the weakest link within the supply chain. So each organisation faces risks not just around the quality and effectiveness of its own cyber security, but of all the other participants in the supply chain as well.

It is an absolute imperative that aerospace and defence businesses make securing and maintaining high quality cyber security a top priority.

* required field

Post a comment

Other Stories
Advertisement
Latest News

Emirates Group releases environmental report

The Emirates Group, comprising Emirates airline and dnata, has today published its seventh annual Environmental Report which outlines the Group's environmental performance for the financial year 2016-2017.

Dnata successfully tests use of blockchain technology

Dnata's cargo operations, in conjunction with Emirates Innovation Lab, IBM and flydubai Cargo, has created a new value proposition for cargo service delivery through the use of blockchain technology.

Rhinestahl opens Middle East operations centre

Rhinestahl Corporation has opened its new Customer Tooling Solutions (CTS) operations centre in Dubai.

EAG's Adam Boukadida named Treasury Professional of the Year

Etihad Aviation Group (EAG) acting group treasurer Adam Boukadida has been honoured with the highest individual accolade by the Association of Corporate Treasurers Middle East.

Dubai to host Airport Show in May 2018

The18th edition of Airport Show will be held in Dubai from May 7-9, 2018.

Iraq Airports Aviation Forum to take place in April 2018

Kadhim Fenjan Al Hamami, the Minister of Transport, Republic of Iraq, has announced Iraq Airports Aviation Forum (IAAF) 2018, will take place at Karabla Terminal in Baghdad International Airport on 11-12th of April 2018.

Aviation Africa SK18418
See us at
Global Aerospace BT28218Istanbul Airshow BT 2018AIME BT1204240118AAS2017_BT0711061217Aviation Africa BT18418Aviation Show 267291117BIAS BT271017161118