The chairman of airline giant Sky One believes cybersecurity threats can be tackled with a comprehensive, coordinated strategy.
India's passenger numbers are expected to reach 69.7 million in 2023-24, registering a growth of 22.5% over the previous year. The rapid increase in air traffic has increased the need for gradual adoption of digital technologies to improve efficiency. Technology integration across sectors requires data sharing, which may pose a potential risk of serious cyber threats.
For this reason, organizations like IATA and ICAO have introduced aviation cybersecurity strategies, and many regulators have also made aviation safety plans a strategic priority. For example, the European Union Aviation Safety Agency (EASA) has focused on pilot programs and training to combat cybersecurity threats in its European Aviation Safety Plan (EPAS).
In India too, the Bureau of Civil Aviation Security (BCAS) has launched a Cyber Crisis Management Plan (CCMP) to deal with cyber attack scenarios. It has also issued specific guidelines on protecting sensitive data. Apart from accessing passenger information, cyber attacks can have severe impacts on airline operations. Hackers can take over and manipulate flight control systems, disrupting schedules, cancelling flights and even disrupting the entire aviation system.
“The global aviation industry functions on the basis of seamless, efficient systems and cross-border data exchange. Strengthening cyber security requires strengthening this global framework through concerted efforts of various stakeholders. A comprehensive approach focusing on collaboration at national and international levels will help in tackling cyber security threats effectively,” said Jaydeep Mirchandani, Group Chairman, global aviation major SkyOne.
Mirchandani believes one of the key focus areas of the cybersecurity framework will be the development of policies and procedures for continuous monitoring and analysis of critical systems.
“Continuous monitoring allows operators to quickly detect potential issues, mitigate risks, and respond quickly to security threats to ensure system protection and stability. Network segmentation policies can also prevent cyber attacks from spreading across the network and limit the potential damage caused by a cyber attack. Airlines should strictly implement access control measures to prevent unauthorized persons from stealing data or taking control of systems,” adds Mirchandani.
He said cybersecurity policy formulation should be done with a high degree of technical expertise and foresight as any shortcomings could have serious consequences.
“With every new technological advancement, cyber attackers also find new ways to exploit it for malicious purposes. Hence, continuous adjustment and response is required for new challenges and threats. Cooperation and coordination between regulatory bodies, governments, airlines, technology companies and cybersecurity experts from different regions is essential. By working together and sharing resources, stakeholders across the world can develop a unified cybersecurity strategy,” concludes Mirchandani.