<!DOCTYPE html> <html lang="en"> <head> <meta charset="utf-8"> <meta http-equiv="X-UA-Compatible" content="IE=edge"> <meta name="viewport" content="width=device-width, initial-scale=1"> <!-- The above 3 meta tags *must* come first in the head; any other head content must come *after* these tags --> <title>Airline Cybersecurity: Safeguarding Commercial and Private Aviation</title> <meta name="description" content="Cybersecurity resources, updates, and training programs for the commercial and private aviation."> <meta name="keywords" content="airline cybersecurity, aviation cybersecurity, aviation cybersecurity training, cybersecurity for airlines, aviation cybersecurity threats, aviation cybersecurity news, aviation data protection, aviation network security, private aviation cybersecurity"> <script type="application/ld+json"> { "@context": "https://schema.org", "@type": "BreadcrumbList", "itemListElement": [ { "@type": "ListItem", "position": 1, "name": "Index", "item": "https://www.airline-cybersecurity.ch" }, { "@type": "ListItem", "position": 2, "name": "NIS 2 Directive, training for the aviation industry", "item": "https://www.airline-cybersecurity.ch/NIS_2_Air_Transport.html" }, { "@type": "ListItem", "position": 3, "name": "Aviation - Critical Entities Resilience Directive (CER)", "item": "https://www.airline-cybersecurity.ch/CER_Directive_Training.html" }, { "@type": "ListItem", "position": 4, "name": " Airline Cybersecurity Links", "item": " https://www.airline-cybersecurity.ch/Airline_Cybersecurity_Links.html" }, { "@type": "ListItem", "position": 5, "name": "Cyber Risk GmbH", "item": "https://www.cyber-risk-gmbh.com" } ] } </script> <script type="application/ld+json"> { "@context": "https://schema.org", "@type": "Organization", "name": "Cyber Risk GmbH", "url": "https://www.cyber-risk-gmbh.com", "logo": "https://www.cyber-risk-gmbh.com/Cyber_Risk_GmbH_Logo.jpg", "sameAs": [ "https://www.linkedin.com/company/71474270/admin/page-posts/published/", "https://x.com/Cyber_Risk_GmbH" ], "contactPoint": { "@type": "ContactPoint", "telephone": "+41-79-5058960", "contactType": "Customer Service", "areaServed": "Worldwide", "availableLanguage": "English" }, "founder": { "@type": "Person", "name": "George Lekatis" }, "description": "Cyber Risk GmbH is a leading provider of Cybersecurity training for the commercial and private aviation in Switzerland and worldwide.", "address": { "@type": "PostalAddress", "streetAddress": "Dammstrasse 16", "addressLocality": "Horgen", "addressRegion": "Canton of Zürich", "postalCode": "8810", "addressCountry": "CH" } } </script> <link rel="apple-touch-icon" sizes="180x180" href="apple-touch-icon.png"> <link rel="icon" type="image/png" sizes="32x32" href="favicon-32x32.png"> <link rel="icon" type="image/png" sizes="16x16" href="favicon-16x16.png"> <link rel="shortcut icon" type="image/x-icon" href="favicon.ico"> <link rel="manifest" href="manifest.json"> <meta name="msapplication-TileImage" content="mstile-150x150.png"> <meta name="theme-color" content="#ffffff"> <!-- Bootstrap --> <link href="css/bootstrap.min.css" rel="stylesheet"> <link href="css/style.css" rel="stylesheet"> <!--font-awesome--> <link href="https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css" rel="stylesheet"> <link href="https://fonts.googleapis.com/css2?family=Montserrat:wght@100;200;300;400;500;600;700;800;900&display=swap" rel="stylesheet"> <!-- Owl Stylesheets --> <link rel="stylesheet" href="css/owl.carousel.css"> <link rel="stylesheet" href="css/owl.theme.default.css"> <!-- javascript --> <script src="js/jquery.min.js"></script> <script src="js/owl.carousel.js"></script> <!-- HTML5 shim and Respond.js for IE8 support of HTML5 elements and media queries --> <!-- WARNING: Respond.js doesn't work if you view the page via file:// --> <!--[if lt IE 9]> <script src="https://oss.maxcdn.com/html5shiv/3.7.3/html5shiv.min.js"></script> <script src="https://oss.maxcdn.com/respond/1.4.2/respond.min.js"></script> <![endif]--> <meta name="google-site-verification" content="I0CDxLn5hun_Esd7Gf8jIPUBQ1eIIcVNsUQQ9d4Dq8Q"> <style> .wrapper-banner { background: url("Airline.jpg"); background-size: cover; background-position: center; } </style> <meta name="msvalidate.01" content="3992470AA0B488CE9CF07B1CD73A76D7"> <link rel="stylesheet" href="./style2.css"> <style> body { color: black; } </style> <style> a:link { color: blue; background-color: transparent; text-decoration: none; } a:visited { color: blue; background-color: transparent; text-decoration: none; } a:hover { color: red; background-color: transparent; text-decoration: underline; } a:active { color: blue; background-color: transparent; text-decoration: underline; } </style> </head> <body> <!-- Fixed navbar --> <div class="wrapper-menu"> <nav id="header" class="navbar navbar-fixed-top"> <div id="header-container" class="container navbar-container"> <div class="navbar-header"> <button type="button" class="navbar-toggle collapsed" data-toggle="collapse" data-target="#navbar" aria-expanded="false" aria-controls="navbar"> <span class="sr-only">Toggle navigation</span> <span class="icon-bar"></span> <span class="icon-bar"></span> <span class="icon-bar"></span> </button> <a id="brand" class="navbar-brand" href="https://www.disinformation.ch/"> <!--<img src="images/logo-black.png" alt="" class="shrink-logo"> --> </a> </div> <div id="navbar" class="collapse navbar-collapse"> <ul class="nav navbar-nav"> <li><a style = "color:#070579" href="https://www.airline-cybersecurity.ch" target="_blank" >Index</a></li> <li><a style = "color:#070579" href="https://www.airline-cybersecurity.ch/Airline_Cybersecurity_Training.html" target="_blank" > Aviation Cybersecurity Training</a></li> <li><a style = "color:#070579" href="https://www.airline-cybersecurity.ch/Airline_Cybersecurity_Board_Training.html" target="_blank" >Board Training</a></li> <li><a style = "color:#070579" href="https://www.airline-cybersecurity.ch/NIS_2_Air_Transport.html" target="_blank" >NIS 2 Training</a></li> <li><a style = "color:#070579" href="https://www.airline-cybersecurity.ch/CER_Directive_Training.html" target="_blank" >CER Training</a></li> <li><a style = "color:#070579" href="https://www.airline-cybersecurity.ch/Cybersecurity_Roadmap.html" target="_blank" >Cybersecurity Roadmap</a></li> <li><a style = "color:#070579" href="https://www.airline-cybersecurity.ch/Aviation_Cyber_Security_Strategy.html" target="_blank" >Cybersecurity Strategy</a></li> <li><a style = "color:#070579" href="https://www.airline-cybersecurity.ch/Airline_Cybersecurity_Links.html" target="_blank" >Airline Cybersecurity Links</a></li> <li><a style = "color:#070579" href="https://www.cyber-risk-gmbh.com" target="_blank">Cyber Risk GmbH</a></li> <li><a style = "color:#070579" href="https://www.cyber-risk-gmbh.com/Impressum.html" target="_blank">Impressum</a></li> </ul> </div> <!-- /.nav-collapse --> </div> <!-- /.container --> </nav> <!-- /.navbar --> </div> <div class="container-fluid wrapper-banner"> <div class="container"> <div class="top-banner"> </div> </div> </div> <div class="container-fluid projects-wrapper"> <div class="container"> <div class="row"> <div class="section-title"> <h1>Cybersecurity in the commercial and private aviation</h1> <br> <br> <p class="text-left"><b>Security and cybersecurity in the commercial and private aviation</b></p> <p class="text-left">The 1944 Convention on International Civil Aviation established the core principles of international transport by air, and led to the creation of the International Civil Aviation Organization (ICAO). ICAO’s core mandate, then as today, was to help States in achieving the highest possible degree of uniformity in civil aviation regulations, standards, procedures, and organization. </p> <p class="text-left">The U.S. government invited 55 States to attend an International Civil Aviation Conference in Chicago in 1944. Delegates travelled to Chicago, even from countries that were still occupied. They attended the Chicago Conference, and by its conclusion on 7 December, 1944, 52 of them had signed the <b>Convention on International Civil Aviation, </b>known then and today as the <b>Chicago Convention.</b></p> <p class="text-left">Today, ICAO is funded and directed by 193 national governments. The stipulations ICAO standards contain never supersede the primacy of national regulatory requirements. It is always the local, national regulations which are enforced in, and by, sovereign states, and which must be legally adhered to by air operators making use of applicable airspace and airports.</p> <p class="text-left">The most important legislative function performed by ICAO is the formulation and adoption of <b>Standards and Recommended Practices (SARPs) </b>for international civil aviation. </p> <p class="text-left">The measures taken by ICAO to prevent and suppress all acts of unlawful interference against civil aviation throughout the world is of critical importance to the future of civil aviation. SARPs for international aviation security were first adopted by the ICAO Council in March 1974, and designated as Annex 17 to the Chicago Convention.</p> <p class="text-left"> In 2021, the ICAO Council approved a new structure to address cybersecurity across the Organization. The new structure consists of a <b>Cybersecurity Panel</b> that reports to the Council’s Aviation Security Committee, an Ad-Hoc <b>Cybersecurity Coordination Committee </b>that reports to the Council, and an <b>expert group </b>dedicated to the International Aviation Trust Framework.</p> <p class="text-left">ICAO revised its Cybersecurity Action Plan and produced guidance material to support States and stakeholders in addressing cybersecurity and cyber resilience in civil aviation (Guidance on Traffic Light Protocol, Cybersecurity Policy Guidance and Guidance on Cybersecurity Culture in Civil Aviation).</p> <p class="text-left">In line with its cybersecurity training road map, ICAO continues to support States in the development of human resources and capacities needed to manage cybersecurity and cyber resilience in civil aviation. In 2021, ICAO launched its first cybersecurity and cyber resilience course entitled <b>“Foundations of Aviation Cybersecurity Leadership and Technical Management”,</b> which was developed in partnership with Embry-Riddle Aeronautical University. In partnership with EUROCONTROL, ICAO developed a second course addressing classical and cybersecurity aspects of ATM security.</p> <p class="text-left">The ICAO training programs are the most important in the industry. <b>Cyber Risk GmbH, a private company incorporated in Horgen, Switzerland, is not affiliated or connected to the ICAO in any way. </b>Cyber Risk GmbH is offering training programs in some difficult areas, like the new NIS 2 Directive of the European Union that changes the compliance requirements of many entities in the aviation industry, and programs that assist the Board of Directors and the CEO to understand cybersecurity challenges.</p> <p class="text-left">The Board of Directors and the CEO of entities in the aviation industry must understand that they are <b>high value targets. </b>For them, standard security awareness programs are not going to suffice. The way they are being targeted is anything but standard or usual. They are the recipients of the most sophisticated, tailored attacks, including state-sponsored attacks. These are attacks that are often well planned, well crafted, and employ advanced psychological techniques able to sway a target towards a desired (compromising) behavior without raising any alarms. </p> <p class="text-left">Countries expand their <b>global intelligence footprint</b> to better support their growing political, economic, and security interests around the world, increasingly challenging existing alliances and partnerships. They employ an array of tools, especially influence campaigns, to advance their interests or undermine the interests of other countries. They turn a power vacuum into an opportunity.</p> <p class="text-left">Countries use proxies (state-sponsored groups, organizations, organized crime, etc.) as a way to accomplish national objectives while limiting cost, reducing the risk of direct conflict, and maintaining plausible deniability.</p> <p class="text-left">With plausible deniability, even if the target country is able to attribute an attack to an actor, it is unable to provide evidence that a link exists between the actor and the country that sponsors the attack.</p> <br> <p class="text-left"><b>Our training programs</b></p> <p class="text-left"><a href="https://www.airline-cybersecurity.ch/Airline_Cybersecurity_Training.html" target="_blank" > Cybersecurity training for the commercial and private aviation</a></p> <p class="text-left"><a href="https://www.airline-cybersecurity.ch/Airline_Cybersecurity_Board_Training.html" target="_blank" >Cybersecurity training for the Board of Directors and the CEO in the commercial and private aviation</a></p> <p class="text-left"><a href="https://www.airline-cybersecurity.ch/NIS_2_Air_Transport.html" target="_blank" >NIS 2 Directive Training for the commercial and private aviation</a></p> <hr> <div class="container-fluid projects-wrapper"> <div class="container"> <div class="row"> <div class="section-title"> <h3>Cyber Risk GmbH, some of our clients</h3> <br> <div class="logos"> <div class="logos-slide"> <img src="Logos/XMA8.png" alt="" > <img src="Logos/SYGNIA5.jpg" alt="" > <img src="Logos/DELL3.jpg" alt="" > <img src="Logos/VW.jpg" alt="" > <img src="Logos/Bosch9.png" alt="" > <img src="Logos/Swisslife3.JPG" alt="" > <img src="Logos/ATLAS8.png" alt="" > <img src="Logos/INSIG8.png" alt="" > <img src="Logos/SANT8.png" alt="" > <img src="Logos/NTT38.png" alt="" > <img src="Logos/EIB15.PNG" alt="" > <img src="Logos/SC8.JPG" alt="" > <img src="Logos/schindler.jpg" alt="" > <img src="Logos/AO9.png" alt="" > <img src="Logos/GS300.JPG" alt="" > <img src="Logos/DB8.png" alt="" > <img src="Logos/TM8.png" alt="" > <img src="Logos/OK8.png" alt="" > <img src="Logos/PWC5.JPG" alt="" > <img src="Logos/Fujitsu.png" alt="" > <img src="Logos/HO5.JPG" alt="" > <img src="Logos/FIN22.png" alt="" > <img src="Logos/SAN8.png" alt="" > <img src="Logos/BAH9.png" alt="" > <img src="Logos/AT32.png" alt="" > <img src="Logos/WINS25.png" alt="" > <img src="Logos/SKY12.png" alt="" > <img src="Logos/RB78.png" alt="" > <img src="Logos/WU8.png" alt="" > <img src="Logos/TDC.JPG" alt="" > <img src="Logos/BH18.png" alt="" > <img src="Logos/DeepSec_Conference7.png" alt="" > <img src="Logos/DC12.png" alt="" > <img src="Logos/BROAD8.png" alt="" > <img src="Logos/LEMON8.PNG" alt="" > <img src="Logos/SIK8.PNG" alt="" > <img src="Logos/KUMO8.PNG" alt="" > <img src="Logos/VEST8.PNG" alt="" > <img src="Logos/MOXA8.PNG" alt="" > <img src="Logos/TIET8.PNG" alt="" > <img src="Logos/UNI8.PNG" alt="" > <img src="Logos/BCC11.PNG" alt="" > <img src="Logos/SN8.PNG" alt="" > <img src="Logos/KYN8.PNG" alt="" > <img src="Logos/PG8.PNG" alt="" > <img src="Logos/MER8.PNG" alt="" > <img src="Logos/LIB8.PNG" alt="" > <img src="Logos/ALI8.PNG" alt="" > <img src="Logos/USA8.PNG" alt="" > <img src="Logos/MAR8.PNG" alt="" > <img src="Logos/ABB8.PNG" alt="" > <img src="Logos/INSI8.PNG" alt="" > </div> </div> <script> var copy = document.querySelector(".logos-slide").cloneNode(true); document.querySelector(".logos").appendChild(copy); </script> </div> </div> </div> </div> <div class="container-fluid projects-wrapper"> <div class="container"> <div class="row"> <div class="section-title"> </div> </div> </div> </div> <!--<script src="https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js"></script> --> <script src="js/bootstrap.js"></script> <script> $(document).ready(function() { var owl = $('.cliend-logo'); owl.owlCarousel({ margin: 20, nav: true, loop: true, autoplay:true, autoplayTimeout:4000, responsive: { 0: { items: 1 }, 600: { items: 6 }, 1000: { items: 6 } } }) }) $(document).ready(function() { var owl = $('.testimonialstext'); owl.owlCarousel({ margin: 20, nav: true, loop: true, autoplay:true, autoplayTimeout:4000, responsive: { 0: { items: 1 }, 600: { items: 1 }, 1000: { items: 1 } } }) }) </script> <script> $(window).scroll(function() { if ($(document).scrollTop() > 50) { $('nav').addClass('shrink'); $('.add').hide(); } else { $('nav').removeClass('shrink'); $('.add').show(); } }); </script> </body> </html>