Cyber-security in ATM
Why it’s a problem and how do we fix it?

9 March 2016 @ WAC 2016
www.askhelios.com
Management and technology consultants


Post on 30-Apr-2020




Boryspil International Airport

“Future cyber operations will almost certainly include an increased emphasis on changing or manipulating data to compromise its integrity (i.e., accuracy and reliability) to affect decision-making, reduce trust in systems, or cause adverse physical effects”

“Countries are becoming increasingly aware of both their own weaknesses and the asymmetric offensive opportunities presented by systemic and persistent vulnerabilities in key infrastructure sectors including health care, energy, finance, telecommunications, transportation, and water.”

US Director of National Intelligence: ‘Worldwide Threat Assessment of the US Intelligence Community’

Successful attacks will occur in ATM
• Connectivity is increasing
• Commonality in systems is increasing
• Attacks only get better

Connectivity is increasing
• Interoperability increasing
• ICAO GANP and SESAR target concepts
• Public networks, including the internet

Commonality in systems is increasing
• Commercial Off The Shelf (COTS)
• Open standards
• Common components
• Concentrated supply chain

Attacks only get better
• Markets for vulnerabilities
• Malware that crosses air gaps
• Persistent threats


A structured, holistic approach is needed

No silver bullet …

[Diagram labels: EU Regulation; Regional Service Provision; Operational Stakeholders and Supply Chains; National Functions. Axis labels: Local / Pan-European; Regulation, policy and state functions / Operational functions and support]

No silver bullet … but collaboration needed

[Diagram labels: EU Regulation; Regional Service Provision; Operational Stakeholders and Supply Chains; National Functions. Axis labels: Local / Pan-European; Regulation, policy and state functions / Operational functions and support]

• Clear responsibilities for through-life security
• Coherent regulatory framework
• Effective risk-reward security governance
• Public-private information sharing
• Techniques to secure and assure safety-critical systems
• Systemic risk understanding
• Cross-industry incident response mechanisms
• More ATM Security Expertise
• Mature Security Management Systems
• Secure and resilient architecture
• Integrated Risk Management
• Supply Chain Risk Management
• Strong audit regime

Successful attacks will occur
• Connectivity is increasing
• Commonality in systems is increasing
• Attacks only get better

Risks must be managed
• Approach must be structured and holistic
• Collaborate for an effective, efficient framework


Matt Shreeve

ISO 27001 Information Security Management System Lead Auditor