Research Field: Security
Airports rely on a significant amount of electronic information and technology in their day-to-day operations, and the amount of electronic data airports collect, store, and use continues to grow. Yet the risk of adverse cybersecurity events appears to be increasing at an even more rapid rate. These events can be significant and debilitating to operations, affect numerous stakeholders, result in adverse financial impacts, and reduce public trust. ACRP published Report 140: Guidebook on Best Practices for Airport Cybersecurity in 2015, and since that time, there have been many lessons learned, both within and outside the industry, and the actors instigating these attacks have grown more bold and sophisticated. The findings and guidance therefore need to be updated and expanded. Additionally, since attacks at a single airport can cause rippling effects throughout the aviation system, airports need to be able to develop response plans that address their particular facility.
The objective of this research is to provide airports with the latest understanding of cybersecurity threats, provide updated guidance and tools reflecting recent recommended mitigation and response practices, and allow airports to tailor these practices to their unique operational requirements and resources.