Windhoek
Air Namibia yesterday said it will have to start afresh to ensure that its information technology systems are safe and not vulnerable to cyber attacks that have become an ever-increasing risk to the global aviation industry. This comes after the national airline’s acting Managing Director, Adv. Mandy Samson, attended a panel discussion on cyber security as a critical issue for the aviation industry at last week’s International Air Transport Association (IATA) annual general meeting (AGM) in Dublin, Ireland.
A panel discussion of security experts at the AGM warned that while no business is immune, the aviation is a specific target for those intent on doing cyber mischief and theft, or worse.
“That presentation on cyber security at IATA really frightened me because it brought across how easy hacking is and how most systems are vulnerable. We have people doing bookings online and we have reservation systems that will be linked to the internet and so forth,” said Samson during an interview in Windhoek yesterday.
Samson admitted that while Air Namibia regularly conducts exercises on physical security threats, much more needs to be done to reduce vulnerability from cyber attacks. “With cyber security we will have to start at zero and put in place proper measures to deal with any type of cyber security threat. I know that we are working towards a fully integrated state-of-the-art information technology system. We will now have to embark on a stress test of our systems to identify any vulnerabilities and also where we can back them up. This would go beyond the obvious, such as malware and firewalls on all computers, which are the norm for all businesses,” said Samson. She added that the airline’s updated security systems should be in place by the end of this year.
During the cyber security panel discussion in Dublin, security experts reviewed how a harmonised approach could be achieved, such as working with governments and following the example of decades of successful government-industry cooperation on safety. The panel also considered how to best address the threats of a constantly shifting cyber arena and identify actions that airlines can take to be prepared against cyber-security attacks, including possible opportunities for partnering with other stakeholders, either within the air transport value chain or outside it.
“Commercial aviation was built on cooperation. Every flight that takes off or lands is the result of working together and information sharing among many different entities such as airlines, airports and air navigation service providers. Yet the very nature of our collaboration also enables potential cyber vulnerabilities. Industry cooperation, while an absolute necessity, cannot achieve everything without the support of governments,” read a statement from the panel.
IATA’s role with regard to this issue is to assist airlines in developing a cyber security strategy and has put in place a three-pillar strategy that comprises risk management, advocacy as well as reporting and communication. A positive development in this aspect was the signing of a Civil Aviation Cyber Security Action Plan during the AGM and the work of the Industry High Level Group, which includes various stakeholders and organisations. The goal is to ensure that all industry stakeholders and governments promote a coherent and consistent approach to cyber security.