Writes Bryan Mills
We are continuing our work on the Civil Aviation Authority’s Assure programme. Like the whole of the aviation industry, progress is slowed by COVID and its aftermath. However, in addition to one aviation service provider for whom we have reviewed their cybersecurity state and are now waiting to start training for the next stage, we have nearly completed the preparation for the final assessment for another such aviation service supplier. We have also issued some generalised advice on the appointment of an appropriate assessor. This has led us to apply successfully to be appointed an assessor ourselves.
Obviously, we cannot both prepare a candidate organisation for assessment, and perform the assessment, but it has become clear that some aviation organisations will only require assessment; being qualified as an assessor increases the target market. There is a good chance that the Assure standards will be adopted by other countries’ aviation industries.
John McCarthy continues to represent ServiceTec on ACI Europe Security Committee, where action on cybersecurity is becoming increasingly significant. As a by-product of this activity ACI Europe is seeking to develop an open hardware standard for cybersecurity equipment, and then to take an active part in setting and testing conformity to these standards. The actual testing will be undertaken by commercial aviation industry suppliers such as ServiceTec.
As the industry emerges from the post-COVID turmoil, more opportunities for cybersecurity training are appearing and we are actively pursuing these.
