3
Cyber Security Risk Mitigation Practices Effective July 2015 2nd Edition

Cyber Security Risk Mitigation Practices - IATA - Home · Title: Aviation Cyber Security Toolkit - Cyber Security Risk Mitigation Practices, 2nd Edition, July 2015 Author: IATA Created

  • Upload
    dodien

  • View
    218

  • Download
    4

Embed Size (px)

Citation preview

Page 1: Cyber Security Risk Mitigation Practices - IATA - Home · Title: Aviation Cyber Security Toolkit - Cyber Security Risk Mitigation Practices, 2nd Edition, July 2015 Author: IATA Created

Cyber Security Risk Mitigation Practices

Effective July 2015

2nd Edition

Page 2: Cyber Security Risk Mitigation Practices - IATA - Home · Title: Aviation Cyber Security Toolkit - Cyber Security Risk Mitigation Practices, 2nd Edition, July 2015 Author: IATA Created

Table of Contents

Table of Contents

1 Introduction ................................................................................................................................................ 3

2 General Mitigation Strategies ................................................................................................................... 42.1 Human Factors................................................................................................................................ 62.2 Top Mitigation Strategies ................................................................................................................ 62.3 Security Controls............................................................................................................................. 82.4 Information Sharing......................................................................................................................... 9

3 Tactical Mitigation Strategies ................................................................................................................. 103.1 Reservations and Associated Interfaces.......................................................................................10

3.1.1 Human Factors ..............................................................................................................113.1.2 Mitigation Strategies ......................................................................................................113.1.3 Security Controls............................................................................................................12

3.2 Departure Control System ............................................................................................................123.2.1 Human Factors ..............................................................................................................123.2.2 Mitigation Strategies ......................................................................................................133.2.3 Security Controls............................................................................................................13

3.3 Customer-Facing Website.............................................................................................................133.3.1 Human Factors ..............................................................................................................143.3.2 Mitigation Strategies ......................................................................................................143.3.3 Security Controls............................................................................................................15

3.4 Electronic Flight Bag ..................................................................................................................... 153.4.1 Human Factors ..............................................................................................................153.4.2 Mitigation Strategies ......................................................................................................163.4.3 Security Controls............................................................................................................16

3.5 ACARS/Data Link Communications..............................................................................................173.5.1 Human Factors ..............................................................................................................173.5.2 Mitigation Strategies ......................................................................................................173.5.3 Security Controls............................................................................................................18

4 Mitigation Timing and Rotation ..............................................................................................................194.1 Mitigation Timing........................................................................................................................... 194.2 Mitigation Rotation ........................................................................................................................ 21

4.2.1 Rotating Mitigation Strategies........................................................................................22

2ND EDITION, JULY 2015 1

Page 3: Cyber Security Risk Mitigation Practices - IATA - Home · Title: Aviation Cyber Security Toolkit - Cyber Security Risk Mitigation Practices, 2nd Edition, July 2015 Author: IATA Created

IATA Aviation Cyber Security Toolkit

5 Incident Response Plan .......................................................................................................................... 23

6 Summary................................................................................................................................................... 25

Glossary.................................................................................................................................................... 27

2ND EDITION, JULY 20152