“Coordinated efforts from various stakeholders can enhance cybersecurity in civil aviation,” says Jaideep Mirchandani
The chairman of the aviation major Sky One believes comprehensive and collaborative strategies can address cybersecurity threats.
India stands at 69.7 million passengers in 2023-24, recording 22.5 percent year-on-year growth. This surge in air traffic calls for the need to progressively adopt digital advancements to enhance efficiency. As integration of technology in various areas requires data sharing there may be potential risks of severe cyber threats.
This has led organisations like IATA and ICAO to introduce aviation cybersecurity strategies. Many regulatory authorities are also developing aviation safety plans as a strategic priority. For instance, the European Union Aviation Safety Agency (EASA), in its European Plan for Aviation Safety (EPAS), has focused on pilot programmes and training to counter cybersecurity threats.
In India as well, the Bureau of Civil Aviation Security (BCAS), has launched a Cyber Crisis Management Plan (CCMP) to address scenarios involving cyber-attacks. It has also issued specific guidelines for the protection of sensitive data. Apart from accessing passenger information, cyber-attacks can also have serious implications on airline operations. Hackers can take over flight control systems, manipulate operations, disrupt schedules, cause flight cancellations, and even sabotage the entire aviation system.
“The global aviation sector functions on the basis of seamlessly efficient systems as well as data exchange that transcends borders. For enhanced cybersecurity, this global framework must be strengthened by coordinated efforts of various stakeholders. A comprehensive approach focusing on collaboration at the national and international levels could help tackle cybersecurity threats more effectively,” says Jaideep Mirchandani, the group chairman of global aviation major Sky One.
Mirchandani believes that one of the focus areas of the cybersecurity framework could be the formulation of policies and procedures to constantly monitor and analyse critical systems.
“Through constant monitoring, operators can quickly detect potential issues, mitigate risks, and respond promptly to any security threats, ensuring the protection and stability of systems. A network segmentation policy could also limit the potential damage of a cyberattack by preventing it from spreading across the entire network. Airlines should also strictly implement access control measures to prevent unauthorised persons from stealing data or gaining control over systems,” adds Mirchandani.
He says that the formulation of cybersecurity policies should be done with great technical expertise and farsightedness because any inadequacies could lead to significant consequences.
“With every new technological advancement, cyber attackers also find new ways to exploit them for malicious purposes. Hence, there is a need for continuous adjustment and responsiveness to new challenges and threats. Cooperation and coordination between various regional regulatory bodies, governments, air carriers, technical companies, and cybersecurity experts is crucial. By working together and pooling resources, the stakeholders across the world can devise a cohesive cybersecurity strategy,” concludes Mirchandani.