Downloaded 48 times
More Related Content
Similar to Cyber Security roadmap.pptx
Cyber Security roadmap.pptx
- 1.
- 2. What’s challenging then? It wasn’t too long ago that sophisticated executives could have long, thoughtful discussions on technology strategy without even mentioning security. Today, companies have substantial assets and value manifested in digital form, and they are deeply connected to global technology networks – even as cyberattacks become ever more sophisticated and adaptable to defenses. At most companies, boards and senior executives acknowledge the serious threats that cyberattacks pose to their business. What they are not sure of is how to create a strategy that helps them understand and address the threats, in all their forms, today and in the years ahead. And they’re asking for such a strategy every day. Cyber Security solutions, Roadmap and implementation – By Sandeep Kumar 2
- 3. Why Cyber securityneeded in Airlines Industry Cyber Security solutions, Roadmap and implementation – By Sandeep Kumar 3
- 4. Cyber-attacks on theaviation industry have recently increased. Threat actor might be of following: APT (Advanced Persistent Threat): These organizations conduct state- sponsored attacks to steal intellectual property and intelligence to weaken other countries’ aviation capabilities, improve local aviation capabilities, and develop preventive technologies against other countries’ capabilities. Cybercrime attackers: They attack to make money. They concentrate on causing the most damage possible and have the necessary knowledge and skills. Cyber-terrorists: They are triggered by political, religious, ideological, and social factors. They attack to endanger national security, cause mass casualties, harm the economy, disrupt public order and morale, and undermine trust in aviation systems. Nation-state actors: They can attack for political reasons or as part of a cyber war. Insiders: Employees, ex-employees, or business partners who are dissatisfied. Their motivation could be monetary gain or a desire for revenge. 2021 Security Plan Template 4
- 5. The major systemsfrequently exposed to cyber threats in the aviation industry are: 1. Aircraft IP networks of flights 2. Digital Air Traffic Controls (ATCs) and traffic management systems 3. In-flight interface devices 4. Fleet and route planning systems 5. Ticket booking portals. 6. Cabin Crew devices 7. Insider threats Cyber Security solutions, Roadmap and implementation – By Sandeep Kumar 5
- 6. Cyber Security solutions,Roadmap and implementation – By Sandeep Kumar 6
- 7. But wait, Isit achievable? Cyber Security solutions, Roadmap and implementation – By Sandeep Kumar • Airlines is looking at Digitally transforming themselves, for which, they have hired a set of consultants, to define their Digital Strategy and Roadmap. • The Digital Strategy is in place to build a marketplace platform and drive the organization towards data driven operations facilitated by smart products and Smart Operations enabled through IoT. However, the Security Strategy and Roadmap still needs to be worked out. 7
- 8.
- 9. Bottleneck Cyber Security solutions,Roadmap and implementation – By Sandeep Kumar 9 .Lack of Trained and Qualified Staff • Lack of General Awareness of Cybersecurity • A Weak IT Act with obsolete Cyberlaws • Lack of Coherence with Eco-System Partners • Inadequate Governance Mechanisms • Lack of an effective Security Policy
- 10. Challenge 1: CyberRisk Management and compliance Implementing - Cyber Risk Management - Cyber insurance - Third party Risk Assessment. - Security and regulatory compliance Cyber Training , Education and Awareness - Cyber Security awareness program - Insider Risk Management - Technical cyber training - Certification readiness Infrastructure Protection - IOT Strategies - Cloud Security - Vulnerability Management - Phishing campaign program - Secure by design (Secure SDLC) - Application Security - IAM Solutions Cyber Security solutions, Roadmap and implementation – By Sandeep Kumar Proposed solutions
- 11. Challenge : InformationPrivacy - Privacy or GDPR Maturity. Challenge: Cyber Training , Education and Awareness - Cyber Security awareness program - Insider Risk Management - Technical cyber training - Certification readiness Cyber Security solutions, Roadmap and implementation – By Sandeep Kumar Proposed solutions
- 12. Challenge 1: InfrastructureProtection - Data Loss Prevention - People Risk - Cryptography - Data Governance & Information Classification Challenge 2: Advance Threat Readiness & Preparation - Advance Threat Simulation/Red Teaming - Purple teaming - SIEM Capabilities Security operations Centre (SOC) - 24/7 Threat Monitoring - SOC capability design and deployment - Cyber Threat intelligence - Reporting - Cyber incidence response - Cyber Forensics Cyber Security solutions, Roadmap and implementation – By Sandeep Kumar Proposed solutions
- 13.
- 14.
- 15.
- 16. Cyber Security solutions,Roadmap and implementation – By Sandeep Kumar 16
Editor's Notes
- #6 The most seen attack types in the last three years (2020, 2021, and 2022) are Ransomware (%22), Data Breach (%18.6), Phishing (%15.3), and DDoS (%7.3). Meanwhile, %16 of the attack type was other/unknown. Philippine Airlines confirmed that a cybersecurity breach had affected their third-party IT provider for their frequent flyer program. Members’ names, birth dates, nationality, gender, joining date, tier level, and points balance were among the information compromised. The airline advised members to change their passwords immediately.