Cyber-risk is clearly no longer just about securing corporate data and maintaining data confidentiality, integrity and availability. Cyber-risk is an organisational risk, even an existential one to some organisations and can no longer be relegated solely to the domain of information technology (IT) to address.
Corporate boards around the country are asking: Is my organisation going to be targeted? For aviation companies – in the business of transporting millions of people safely with 100 000 daily flights at 11 277 meters – the stakes are especially high.
Key report take outs:
- An effective cyber-risk programme should consider the unique set of cyber threats to which the organisation is exposed, or cyber threat landscape, to set realistic goals that can and should be achieved with a broad, well maintained cyber-risk framework. No environment is completely secure, nor is it cost effective to try to make it so.
- An organisation should not only take reasonable steps to protect its data, applications and infrastructure, but should also minimise the damage of successful attacks and return to normal operation as soon as possible.
- In a highly concentrated and heavily competitive industry like aviation, where everybody is seeking new technology to improve efficiency, margins and customer experience, the goal of a robust cyber-risk programme is to enable an organisation to move faster, safely. Such a programme not only facilitates, but can accelerate, business initiatives by ensuring that the appropriate processes and procedures are in place for mainstream enterprise adoption and implementation of new technology.
Call to action
Traditional threats remain, but as the aviation industry reaps the rewards of technology innovation, the industry must also respond to an emerging and ever-evolving array of cyber-risks. The consequences are no longer limited to data privacy breaches and compliance penalties.
Please contact our Subject Matter Experts to further discuss the importance of a Cyber strategy for your organisation