airport security 2013 cyber security panel discussion
TRANSCRIPT
PANEL DISCUSSION: How to be Cyber Secure Airport Infrastructure Issues
Moderator: Philip Baum, Editor, Aviation Security International Panellists:
Dominic Nessi, Deputy Director & Chief Information Officer, Los Angeles World Airports
Marc Pearl, President and CEO, Homeland Security & Defense Business Council
Dr John McCarthy,ServiceTec Research Fellow, Cranfield University / UK Defence Academy
How to be Cyber Secure:
Airport Infrastructure Issues
• * * * * * * *
Marc Pearl President & CEO
Homeland Security & Defense Business Council
WHAT DOES “CYBER SECURE” MEAN?
• Much more than traditional notions of passwords and firewalls
• “Cyber secure” is NOT a one-size-fits-all concept… • Need to balance risk v. probability and cost v. benefit
• “Definition” is up to each individual airport authority
• As you all well know: “Cyber” now extends into almost every facet of airport infrastructure.
• Network
• Physical
• Human
1. Network Security
• The most closely linked to “cyber”
• Threat level: Wide and varied
• Numerous layering/overlapping –
oftentimes missing network coordination
• Major consequences of network breach
• Loss of integrity;
• Loss of availability; and
• Loss of confidentiality
2. Physical Security
• Still one of the most important aspects of
security
• Far more interconnected with network security
than ever due to increasing technological
advances
• Encompasses: CCTV security cameras,
intrusion detection systems, perimeter lighting,
and CBRNE detection
3. Human Component of Security
• Airports – Veritable Melting Pots of different
types, classes, security-level of personnel.
• Cyber-security is only as good as the humans
that operate and oversee it.
• Is it better to screen all workers or to train them
to spot suspicious behavior?
• Is/should it even be a trade off?
How Does 1 + 1 + 1 = 4?
• Cannot work on the 3 elements in isolation
• True/Real cybersecurity is based on the symbiotic and cooperative interaction of all 3 elements.
• No one single component of security will protect airport infrastructure.
• Including both physical and electronic ensures that threats can be mitigated as “far down/away from the supply chain” from the critical vulnerabilities as possible.
• Farthest circle can be thought of as the intelligence on threats long before they even reach the airport and the closest can be the final ticket or baggage check before boarding the plane.
Litmus Test – Questions To Ask
• Is the approach/idea economically reasonable?
• Will the approach/idea be technologically feasible?
• Have we thought through the unintended consequences of implementing this approach/idea?