Quarterly Digest for Q4 is out !

In this quarterly digest, we make a retrospective of the year 2020 which was definitively a busy year when considering the number of attacks on aerospace stakeholders 🏃‍♀️

In particular, during this last quarter, a significant number of attacks on aerospace stakeholders have been made publicly available. You will find 5 pages of noticeable facts within this digest.

Also we wanted to share our experience on a vulnerability disclosure process which we have followed and which didn’t prove convincing so far. However we hope that things will improve soon…👍

Here is the agenda for the digest:

I.Retrospective of the year 2020

  • Evolution of the cyberthreat level
  • Evolution of the information sharing landscape
  • Evolution of embedded security

II.Threat Intelligence

  • Noticeable facts of Q4 2020 (1/5)
  • Noticeable facts of Q4 2020 (2/5)
  • Noticeable facts of Q4 2020 (3/5)
  • Noticeable facts of Q4 2020 (4/5)
  • Noticeable facts of Q4 2020 (5/5)

III.Food for thoughts

  • Feedback on a vulnerability disclosure process

If you missed CyberInflight’s presentation during the Aircraft Commerce Virtual Conference in Nov. 2020, the presentation slides are included as part of this digest.

Quarterly Digest Service

CyberInflight has just launched its Quarterly Digest Service 💡

This subscription allows you to receive a 15-pages consulting report every 3 months on the recent aerospace cybersecurity news, each digest diving into a specific topic 🔍

Subscribers can be active readers by voting and suggesting the topics to be addressed in the coming digests✋

300 followers on LinkedIn

Some achievements since the previous milestone:

✅ Cybersecurity awareness training for a national carrier
✅ Bespoke consulting missions
✅ Presentation during the Aircraft Commerce conference
✅ Launch of a new cyber-intelligence product
✅ Starting collaboration with an information sharing association
💡 and more to announce by the end of the year…

Thanks for your confidence and your support !

CyberInflight at the Aircraft Commerce Virtual Conference & Expo 2020

The Aircraft Commerce Virtual Conference will take place between the 16 and 20 of November 2020. This five-day live digital event replaces and brings to life three popular Aircraft Commerce conferences that had been planned for 2020:

Event One: Airline & Aerospace MRO & Flight Operations IT Conference – Global
Event Two: Connecting Aircraft & Passenger Conference and Expo
Event Three: Flight Operations Conference

On day 4, November 18, within the Connected Aircraft & Passenger Conference specialized track, CyberInflight will present some of its findings from a year of market research, consulting missions and training seminars. The 30 minutes presentation will tackle topics such as the evolution of the threat level in 2020, the evolving regulatory framework, the nascent relationship between the industry and the researcher community, or the increasing interest in embedded aircraft security. CyberInflight will also reveal some of its latest findings of some obvious weak information security implementation made by some stakeholders to protect sensitive intellectual property. CyberInflight will discuss lessons to be learnt and roadblocks preventing the industry to reach a potentially stronger maturity level. If you would like to know more, join us during the conference “Cyber Risk & Cyber Resilience in Aviation: A retrospective of the year 2020” during the Aircraft Commerce Virtual Conference.

Link to register to the conference.

CyberInflight would like to thank the organization of the Aircraft Commerce Virtual Conference & Expo for their hard work in organizing such an outstanding event in this difficult period of time.

Cyber-incident timelines

Did you miss CyberInfligh’s timelines of cyber-incident on airlines and airports ?

Find below a quick snapshot of our “Aerospace Cybersecurity Market Intelligence Report, Edition January 2020”. These are timelines until January 2020. More to come in the coming months with the next edition of the research report and the evolution of the threat level during the year 2020, which was particularly interesting.

Do not forget that you can help us identify key topics you would like to be addressed in the next edition of the report. We would be happy to get your thoughts and suggestions at contact@cyberinflight.com.

Quarterly Digest for Q3 is out !

Here is a snapshot of CyberInflight’s Quarterly Digest. For this edition, we have set the focus on the topic of aerospace cybersecurity regulations. Some significant steps, from IATA in particular, have been taken lately which are worth digging into.

This digest aims to help you get a broader and updated vision of the current regulatory landscape and extract the core information from this vast topic, through the use of mind-maps in particular.

Feedback/suggestions/comments at : contact@cyberinflight.com

Table of Content:

I. Regulatory framework

  • ICAO’s Cybersecurity Strategy
  • ICAO’s Assembly Resolution A40-10
  • IATA’s Aviation Cyber Security Position Paper
  • IATA’s Compilation of Cyber Security Regulations, Standards, and Guidance -Takeaways on the current regulatory framework
  • Takeaways on the current regulatory framework

II. Threat Intelligence

  • Noticeable facts for Q3 2020 (1/3)(2/3))(3/3)

III. Food for thoughts

  • On the importance of quality information sharing

Cyber-regulatory landscape

Understanding the current cybersecurity regulatory landscape is difficult, isn’t it? 😣 In this mind-map, CyberInflight has selected for you publicly available must-reads.
Stay tuned as our coming quarterly digest for Q3 will focus on the topic of cyber-regulations in civil aviation.

Note that in this mind-map some branches have been folded. The exhaustive resource will be made available soon to the readers of our quarterly digest/.

Also, a “download section” on our website will soon be available to get access to high-res resources.👍

Cybersecurity Awareness Training Session

During the first week of October 2020, CyberInflight had the opportunity to give its first Cybersecurity Awareness Training for Airline Executives during a 2-days session.

Our customer, a national carrier, operating a fleet of approximately 100 aircraft, sustained a major cyberattack some time back, and is convinced of the importance of cybersecurity awareness among its staff, and rightly so, as most of cyberattacks usually starts by the compromising of the human element.

People attending this training came from different horizons and departments (IT Department, Aviation Security Department, Flight Crew Division, Ground Service, Engineering Department, Safety and Quality Department, etc.).

Contact us if you wish to know more about this training: contact@cyberinflight.com