One of the most interesting topics becoming broadly discussed in our industry is cyber security and how we need to be aware of potential risks and solutions. At this time, most agree that aircraft from ground operations to inflight management are well protected with robust systems and procedures, but the ongoing discussions and rising awareness suggest that continued system vigilance will be something business aviation must stay ahead of the curve on.
Tests have been conducted that show that without proper protection, commercial aircraft can be remotely hacked impacting safety as well as privacy and security of passengers using in flight technology. As that technology advances at an exponential rate, so must the vigilance of everyone working in the business of flight- private or commercial. The good news is that we are. New, emerging companies and experts are building an entire industry around the issue to protect us by creating proactive solutions, steps and procedures.
For business aviation, there is possibly less of a cyber-attack threat than on commercial flights where hundreds of people are sitting in proximity to each other and the likelihood of an inflight hacker might be higher. In out case we usually have a small group of passengers who often know each other and are working or vacationing together. We need to remember though, that when it comes to simple things like in flight internet access, the privacy of passengers’ personal data may be similar to sitting at a local café offering WiFi. We don’t know who’s at the next table and what they’re doing on their own laptop or device. Recently at EBACE 18, we listened to some people speaking on the topic and are encouraged at the many solutions now available.
In addition to the technology itself and the experts who build these solutions, some say we should also look to solutions from a regulatory level. Perhaps our industry should explore regulatory intervention specific to this topic. For example, develop an aviation specific version of the European Economic Area’s Data Protection Directive. This will in turn help operators to address systems, agreements and co-operation throughout the supply chain. Regulation will help ensure consistency and quality of system protections for all.