09 January 2025
Cybersecurity in Aviation
The aviation sector faces unique cybersecurity challenges that differentiate it from other industries. Over the past three years, our specialist team has conducted in-depth assessments across more than 30 airlines, aircraft lessors, satellite companies and other aerospace organisations, providing us with comprehensive insights into the state of cybersecurity across the industry.
Our team of 16 specialists, combining expertise in cybersecurity, crisis response, intelligence and investigations, works in close partnership with Gallagher Specialty’s Aerospace team to support clients throughout their cybersecurity maturity journey. A particular focus has been simplifying the often-complex process of obtaining cyber insurance, which traditionally has been a significant pain point for internal security and risk teams. This approach together with Gallagher Aerospace has resulted in positive Cyber insurance outcomes for many clients in terms of coverage and premium.
Airside and Groundside Systems and Infrastructure
When examining airline systems, we typically categorise them into two distinct areas: airside and groundside. Airside systems, which support flight operations through maintenance tracking, electronic flight bags and flight planning, are subject to stricter regulation and tend to significantly impact business interruption losses. Landside systems, encompassing passenger loyalty programmes, booking systems and customer interactions, typically manage vast quantities of personal data, making them particularly vulnerable to legal and financial losses in the event of a breach.
The challenges
A unique challenge in the aviation sector is the operation of systems across various environments, including internal networks and hosted networks outside of the organisation's direct control, such as those in airports. This shared infrastructure creates additional complexity in implementing robust defence mechanisms.
One of our most significant findings has been the widespread use of common systems across multiple clients, including platforms like SABRE and AMOS. This standardisation creates substantial systemic cyber risk within the aviation sector, a concern that has caught the attention of both reinsurers and insurers. Organisations must carefully manage these risks by thoroughly understanding their exposure through vendor contracts and implementing appropriate risk transfer mechanisms.
The industry is currently experiencing a significant transition to cloud infrastructure, introducing new risk exposures during the migration period. Protection of legacy infrastructure that's likely to be superseded often receives reduced attention during these complex transitions, creating potential vulnerabilities.
Aviation organisations frequently grapple with legacy infrastructure and systems that present unique challenges for protection and patching. Our assessments have consistently identified struggles with access and account management, including the implementation of multifactor authentication, identification of privileged accounts, and enhanced protection for accounts with elevated privileges.
Security monitoring presents another significant challenge, particularly maintaining monitoring agents across diverse infrastructure. This becomes especially complex when dealing with legacy systems and organisations operating numerous interconnected systems.
Leading aerospace organisations we work with prioritise training and awareness, particularly by drawing parallels between cybersecurity and flight safety, leveraging the industry's strong safety culture to enhance cyber resilience.
For airlines seeking cyber insurance, robust disaster recovery and business continuity planning have become crucial requirements for underwriters. These plans should encompass comprehensive risk analysis, business impact assessments, recovery time objectives, continuity strategies, manual workarounds, and restoration procedures. Disaster recovery planning must address data recovery, backup strategies, backup protection, software environment analysis, supplier analysis, and detailed run books.
Efficiency versus resilience
Airlines are increasingly embracing automation, particularly in customer-facing operations. Self-service booking terminals and luggage check-in kiosks are becoming commonplace, raising important questions about network segmentation and security management. These systems must be treated with the same rigour as operational technology assets to ensure proper protection.
The industry's heavy reliance on third-party systems, particularly booking platforms like Amadeus and SABRE, creates additional complexity. Limited vendor diversity in this space means organisations must focus on other risk management strategies beyond vendor diversification.
Airlines typically manage substantial volumes of personal identification information, often stored in cloud-based customer relationship management systems linked to reward programmes. This data frequently includes sensitive information such as passport numbers and documents, accessible through web applications that enable customer account management.
While digital systems drive efficiency, airlines maintain effective manual processing capabilities for essential operations like passenger manifests and check-in procedures. While these manual processes may be slower, they provide valuable operational resilience during system outages.
Success in securing cyber insurance coverage increasingly depends on organisations demonstrating several key elements: a detailed understanding of existing controls aligned with insurers' requirements (beyond standard ISO/NIST frameworks), clear architecture documentation, well-developed business continuity and disaster recovery plans, thorough maximum loss scenario analysis, robust cyber team structure, and comprehensive supply chain risk management.
As the aviation sector continues its digital transformation journey, maintaining robust cybersecurity while enabling business innovation remains a critical challenge. Our experience suggests that organisations that successfully balance these competing demands while maintaining strong operational resilience will be best positioned to thrive in an increasingly complex threat landscape.
If you would like to find out more about our capabilities in this area and discuss your cyber risk and insurance needs, please do get in touch.
Let's talk
Next Generation Transport
As businesses in the Advanced Air Mobility sector take flight, a widening range of risks can hinder their safe passage. We’re here to help.
The Challenges of Escalating Claims Costs
Explore highlights from the 'Let's Fly' conferences, covering rising Hull and Liability claims, supply chain issues, and advancing aviation technology.
Airline Insurance Q&A
In this feature Q&A, Nigel Weyman, looks back on 2024 and discusses the latest trends, challenges and market conditions in the airline insurance market.
Aviation Reinsurance Market Update Q4 2024
Gallagher Re highlights a mixed outlook for the reinsurance market ahead of the renewal period, with surplus capacity creating opportunities for buyers but recent aviation losses maintaining caution.
Space Insurance Market Update Q4 2024
The space insurance market has been through a turbulent period, but the future looks brighter as we head into 2025.
Manufacturers and Infrastructure Market Update Q4 2024
2024 proved to be a dynamic year, with renewal activity peaking in Q4. Insurers competed for desirable risks, which helped keep premiums stable.
General Aviation Market Update Q4 2024
2024 proved to be a dynamic year, with renewal activity peaking in Q4. Insurers competed for desirable risks, which helped keep premiums stable.
