Business Risk Profile: Aviation

For adversaries seeking to attract global attention, cause widespread disruption, or gain access to proprietary information, the aviation industry can be a desirable target. Not only do the world’s airlines carry more than 3 billion passengers every year and a maintain a substantial stake in the global economy, aviation companies harbor access to an abundance of invaluable systems and information. However, since the majority of aviation security resources are understandably allocated toward enhancing physical safety, threats that originate on the Internet can be easily overlooked.

Addressing these types of threats is often exceedingly challenging, which is why more aviation companies are turning to Business Risk Intelligence (BRI) to gain a decision advantage over adversaries. Indeed, BRI provides comprehensive visibility into the Deep & Dark Web communities where these adversaries congregate, thereby empowering aviation companies to mitigate a broad spectrum of physical and cyber risks, some of which are driven by:

Geopolitical Tensions

Due to its large economic footprint and global visibility, the aviation industry has been known to become inadvertently entangled in geopolitical issues and subsequent activist activity. In fact, activist demonstrations in recent years have caused multiple runway and/or terminal shutdowns. At one airport, a 2016 protest halted flights for more than six hours, resulting in 120 flight cancellations. Ultimately, instances of activism can impede operations, cause global flight delays, and result in reputational damage — all of which can have substantial financial impacts for airline carriers.

Intellectual Property Theft

The aviation industry is home to vast amounts of intelligence property (IP), indicating M&A engagements, technological innovation, and market strategy. Unfortunately, this abundance of IP is seen as highly-desirable among adversaries ranging from cybercriminals and fraudsters to malicious insiders and even state-sponsored actors. In many cases, the high black-market value and ample demand for IP on the Deep & Dark web entices adversaries to actively seek access to IP via various schemes. Without visibility into the underground forums and marketplaces where such schemes are hatched and IP is bought and sold, aviation companies may struggle to ensure that intangible assets are adequately secured.

Supply Chain Security

Since decentralized, widely-dispersed supply chains are common among aviation companies, insufficient supply chain security can give to rise to various cyber and physical risks. Companies that lack visibility into the security measures and quality controls practiced by upstream suppliers and manufacturers may be unaware of potential threats and vulnerabilities. As the aviation industry continues to become more reliant on internet-connected systems and, in many cases, Internet of Things (IoT) devices, many companies face an even greater risk of supply chain security issues. Indeed, such issues can impact any part of the aviation industry and yield damages ranging from additional costs and production delays to data breaches, IP theft, and even the physical endangerment of stakeholders.

While addressing many of these threats will likely always present challenges, aviation companies that implement a BRI strategy can attain proactive visibility into relevant threats and ultimately gain that decision advantage over physical and cyber adversaries.

To learn more about how aviation companies are leveraging Business Risk Intelligence to address a broad spectrum of physical and cyber threats, download our use cases here.

Flashpoint will be attending the Aviation Information Sharing and Analysis Center (A-ISAC) Summit on November 8-10, 2017, in Miami, FL. If you would like to schedule a meeting with us onsite during the event, please contact us here.