![]() ![]() According to Identity Theft Resource Center statistics for the United States, despite a recent decline in the total number of data breaches to about 1.2 billion, the number of records exposed has grown by about 15 percent per year since 2005 to more than 447 million in 2018 (Exhibit 2). The increasing attack surface stemming from digital innovation across the airline value chain combined with the sheer amount of personal customer data, financial data, and location data they possess has made airlines a hot target for cybercriminals. Even worse, many airlines lack elementary tools to evaluate or respond to cyberincidents-for example, documentation of central IT systems and networks or information that would help map customer-facing business processes to IT systems affected by an outage during an incident.Īs cornerstones of public infrastructure and modern society, airlines are also exposed to a growing number of successful cyberattacks. Many try to optimize vendor contracts for unit costs rather than acquire the agility or innovation required to evaluate new business concepts and respond quickly to new threats or opportunities. Given the industry’s low margins, airlines also continuously look for cost-cutting opportunities, including in IT. As airlines integrate a wider array of ecosystems, such as those facilitated by the International Air Transport Association New Distribution Capability Standard, to personalize their offerings further and exchange more granular information with partners, they may have less control over the security environment and become more prone to digital attacks. ![]() ![]() More airlines are moving to the public cloud, for example, to harness data analytics and optimize customer experience and operations. While the basic concept of flying has not changed since the advent of aviation, the continuous digitization of processes like capacity planning, crew assignment, flight operations, and predictive maintenance expands airlines’ digital footprints and introduces new technical challenges to their operating models. Exhibit 1 shows a snapshot of recent, publicly reported IT and cyberincidents in the airline industry. In 2017, a European airline experienced a major IT failure, causing delays and cancellations for more than 1,000 flights. In 2018, hackers penetrated unpatched servers and access controls of an Asian airline to steal the personal and travel data of as many as 9.4 million customers, including 860,000 passport numbers. Multiple airlines have had problems with their ticketing systems and an important aviation-infrastructure system, causing delayed flights and passenger check-ins. In 2019, for example, the United Kingdom imposed a $230 million fine on a European airline for a 2018 breach caused by security vulnerabilities in its website. Technology outages and cyberincidents around the world have demonstrated that even some of the largest airlines need to upgrade their IT and operational technology systems, including their technology architecture and underlying infrastructure, to reduce risk and build resiliency into their heavily digitized operating model. Airlines rely ever more on digital technology to manage everything from booking and in-flight entertainment to aircraft maintenance. More than four billion airline passengers will book flights this year, and they expect to reach their destination on time, safely, and securely. ![]()
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |