b'82 INDUSTRY INSIDERAddressing Airport Cybersecurity and Technology Resiliency Just Became More UrgentAirports have long maintained In December 2021, nearly a year well-defined disaster recoverybefore the serious October 2022Mike Zoia, CPP, PSP, plans for responding tocyberattack, TSA announced new securityRCDD, is a business significant weather events or otherdirectives along with additional guidancedevelopment manager disruptions like irregular operations,for voluntary measures to strengthenfor Burns & McDonnell including mechanical failures. Today itscybersecurity across the transportationwith more than 20 years clear the aviation industry must expandsector. At this point, two of thoseof experience managing security and technology consulting that planning approach to focus on broaddirectives apply to airports and airlines:and engineering engagements. He has strategies that enable swift responses toDesignate a cybersecurityworked on capital development programs cyberattacks or technology disruptions. coordinator. worldwide, providing a unique technical Bad actors have the motivation andReport cybersecurity incidents toperspective and understanding of means to knock airport operationsthe Cybersecurity & Infrastructureglobal trends in technology, security and offline. Recent events show that theySecurity Agency (CISA). innovation.know how to target transportation andMost, if not all, airlines and airports can successfully execute attacks.already have cybersecurity plans inbetween information technology (IT) and The TSA blames Russian hackers forplace, but now is the time to reviewoperational technology (OT) systems an October 2022 cyberattack on somethem with these goals in mind:can limit unauthorized access to critical of the largest U.S. airports, includingnetworks. Installing remote access Hartsfield-Jackson Atlanta InternationalAbility to Recognize VPNs within network architecture is an Airport, LaGuardia Airport and LosCyber Risksadditional security step.Angeles International Airport. The attackAirport and airline operators should conduct a sitewide risk and vulnerabilityIdentify Potential Threatstemporarily shut down the public-facing side of airport websites. This resultedassessment to provide a baseline withAdding a threat detection solution is key in inconvenience for travelers, thoughrespect to their current risk profile andto continuously monitoring behavior for airport operations were unaffected.where they need to be in the future tointernal and external threats or anomalies Still, the message was clear: Hackersmeet set requirements. that could result in a cyberattack. have the ability to gain access to critical airport operational systems.Total Asset Visibility Monitoring Aging InfrastructureIt is also evident that airports andVisibility over the entire asset inventory isAdding an infrastructure assessment of airlines are increasingly susceptible tovitally important. Unless airport operatorsthe entire asset inventory is also crucial to other hardware and software failures notknow the operating profiles and locationsunderstanding any potential failure points caused by malicious actors. A numberof all assets within their environments,on an ongoing basis. of recent events highlight that thevulnerabilities will remain unaddressed.Response and Recovery Plan increasingly complex systems that helpHarden Operational SystemsShould a cyberattack or other failure our industry meet its core goal of safelyAll assets, whether critical or noncritical,happen, having an incident response and transporting people and goods aroundshould be hardened to eliminate anyrecovery plan in place will help airport the world are becoming increasinglyvulnerabilities and to improve overalloperators better understand how long it fragile and vulnerable.system resilience and reliability. Systemmay take for certain operational systems TSA Administrator David Pekoskesoftware or hardware on a connectedto get back online. And just as important, has spoken publicly about airportor vital asset that is not up to date canpracticing these plans is key to quick cybersecurity, emphasizing thatexpose weaknesses that hackers mayrecovery and overall resilience.cybersecurity risks are just as importantexploit. Outdated software or hardwareWith millions of people flying daily as physical security risks. This is why newalso creates risk of other failures. in the U.S., its essential to protect cybersecurity requirements are expectedthe critical infrastructure that makes to be released early this year. These willSegregate Networksair traffic possible. An organized not only strengthen our posture againstAirport and airline operators shouldresponse plan that focuses on airport purposeful cyberattacks, but also helpconsider segregating networkscybersecurity and technology resiliency minimize the impact caused by hardwareby determining which ones havewill serve as the foundation for managing and software failures that were notconnectivity to the outside world andthat risk. directly related to cyberattacks. which ones dont. Installing a firewall March | April 2023AirportImprovement.com'