Kazakhstan participation in the third meeting of the Cybersecurity Expert Group CYBERP/3 was held at the International Civil Aviation Organization office in Montreal The third meeting of the CYBERP/3 Group of Experts on Cybersecurity was held at the ICAO office in Montreal (Canada) from June 3 to 6, 2024. The meeting was attended by experts from more than 40 countries and other international organizations such as International Air Transport Association (IATA), African Civil Aviation Commission AFCAC, ACI, ASECNA, ECAC, CANSO, CACANS, the EU, EUROCONTROL, GEA, ICCAIA - International Coordinating Council of Aerospace Industries Associations, IFALPA and IAC. Kazakhstan was represented as an observer by Nurlan Kozhakhmetov, the Senior Aviation Inspector for Cybersecurity of the Aviation Security Department of JSC "Aviation Administration of Kazakhstan." During the meeting, problematic issues based on the results of CYBERP/2, new developments, and the exchange of best practices were discussed. The working groups of the committees also covered the need to develop a cybersecurity guide and glossary, analyze gaps in the SARPs system, and assess global cyber risks. This included crisis response measures and the establishment of a basic minimum approach to safety in civil aviation design. The problems and the need to strengthen cybersecurity measures in civil aviation, protect critical information infrastructure, improve global standards and practices, and report incidents were sharply raised. ICAO recognized that an important factor in ensuring the cybersecurity of civil aviation facilities is the training of cybersecurity inspectors, their professionalism, and the enhancement of global aviation security through training programs. It should be noted that participation in the meeting of the CYBERP/3 Group of Experts on Cybersecurity provides an opportunity to gain experience in solving problems related to cybersecurity, as well as to strengthen interaction and exchange of developments in the field of aviation cybersecurity among ICAO member countries, allowing these to be implemented in the regulatory legal acts of the Republic of Kazakhstan in the field of aviation cybersecurity.
Aviation Administration of Kazakhstan’s Post
More Relevant Posts
-
New EU Regulation Sets Information Security Requirements for Aviation Organizations. EASA published updated Easy Access Rules for Information Security. • The European Union has introduced a new regulation, (EU) 2023/203, to enhance information security in the aviation industry. • This regulation aims to identify and manage information security risks that could impact aviation safety, including threats to information and communication technology systems and data. • It applies to various aviation organizations, including maintenance organizations, air operators, training organizations, air traffic control training organizations, and air navigation service providers. • The regulation requires organizations to implement and maintain information security management systems to detect, respond to, and recover from information security incidents. • It also establishes reporting requirements for information security incidents and outlines the responsibilities of competent authorities in overseeing organizations' compliance with these requirements. • The regulation aligns with existing information security and cybersecurity requirements in EU legislation and complements the security measures specified in Regulation (EU) 2021/696 for the Single European Sky. • Organizations have three years to comply with the new regulation, except for the air navigation service provider of the European Geostationary Navigation Overlay Service (EGNOS), which has a later compliance date of January 1st, 2026.
To view or add a comment, sign in
-
OpenARIA: Open-source edition of the Aviation Risk Identification and Assessment (ARIA): MITRE now offers an open-source version of its Aviation Risk Identification and Assessment (ARIA) software suite, OpenARIA. This initiative is dedicated to enhancing aviation safety and efficiency through the active involvement of the aviation community. ARIA suite The first prototype of ARIA was developed for the Federal Aviation Administration (FAA) in collaboration with the FAA’s Safety and Technical Training service unit Quality Assurance (QA) group, and it was introduced in October 2020. During 2021 and … More → The post OpenARIA: Open-source edition of the Aviation Risk Identification and Assessment (ARIA) appeared first on Help Net Security. @Poseidon-US #HelpNetSecurity #Cybersecurity
To view or add a comment, sign in
-
OpenARIA: Open-source edition of the Aviation Risk Identification and Assessment (ARIA): MITRE now offers an open-source version of its Aviation Risk Identification and Assessment (ARIA) software suite, OpenARIA. This initiative is dedicated to enhancing aviation safety and efficiency through the active involvement of the aviation community. ARIA suite The first prototype of ARIA was developed for the Federal Aviation Administration (FAA) in collaboration with the FAA’s Safety and Technical Training service unit Quality Assurance (QA) group, and it was introduced in October 2020. During 2021 and … More → The post OpenARIA: Open-source edition of the Aviation Risk Identification and Assessment (ARIA) appeared first on Help Net Security. #HelpNetSecurity #Cybersecurity
OpenARIA: Open-source edition of the Aviation Risk Identification and Assessment (ARIA) - Help Net Security
https://www.helpnetsecurity.com
To view or add a comment, sign in
-
Security Breach: SQL Injection Vulnerability Allows Unauthorized Access to Airports Researchers have uncovered a critical security flaw that could potentially compromise airport security. A SQL injection vulnerability has been identified in a system used to verify the credentials of pilots and crew members, allowing unauthorized individuals to bypass TSA security checks and gain access to restricted areas. This alarming revelation raises serious questions about the integrity of airport security protocols and the potential risks posed to air travel. Key points: SQL injection vulnerability: A flaw in the system's coding allowed attackers to manipulate database queries and gain unauthorized access. Bypass security checks: The vulnerability could enable individuals to bypass TSA screenings and gain access to restricted areas, including aircraft cockpits. Potential risks: This breach poses a significant threat to aviation safety and could have far-reaching consequences. Note: The specific airport and country affected by the SQL injection vulnerability remain undisclosed, but this incident underscores the need for stronger cybersecurity measures in aviation to protect against potential threats. #cybersecurity #TSA #SQLinjection
To view or add a comment, sign in
-
Transport Security International – Raising Security Training Standards to Improve Preparedness in an Evolving Security Landscape Preparedness facilitates greater alertness of threats to security through continuous assessment of evolving risk, robust and repetitive training and routine practice, as well as clear escalation and response procedures, and ongoing quality assurance. As new, and often unpredictable terrorist tactics emerge, it is imperative that the security industry evolves with the changing security landscape where high-volume public spaces and transport networks have become a prime target for terrorist attacks designed to achieve maximum notoriety. Industry should support working collaboratively towards setting standards for the effective application of security measures and processes in large public spaces and transport infrastructure, underpinned by rigorous and certified training standards, practices and outcomes. Leading the way is aviation security, reinforced by a mandated syllabus and quality assurance framework that is overseen by the Civil Aviation Authority (CAA), with performance and quality-based metrics. The robustness of aviation security training processes enables better preparedness across a broad range of threats and vulnerabilities with a capability that is standardized and reliable in its delivery of threat mitigations which are repeatedly assessed to be assured of their effectiveness. Read the full article just published in TRANSPORT SECURITY INTERNATIONAL below https://lnkd.in/etjMjzDD SUBSCRIBE via www.tsi-mag.com/subscribe ✈ Transport Security International Magazine is the only publication world-wide dedicated to the overlapping technologies of Transport Security - read your copy for free via www.tsi-mag.com/current or for All back issues see https://lnkd.in/egpguEGA If you want to reach this market then contact Sam Stokes who is the publishing director and Joy Finnegan if you want to share your editorial for possible publication. Paul Mason
To view or add a comment, sign in
-
On May 16, 2024, President Biden signed the FAA Reauthorization Act of 2024 into law, reauthorizing funding for the FAA and the National Transportation Safety Board through September 2028. The Act includes a significant focus on Aviation Cybersecurity, with mandates such as exclusive rulemaking authority for the FAA Administrator and the establishment of a National Airspace System Cyber Threat Management Process. Additionally, the Act requires the FAA to consider revising regulations for airworthiness certification and convene a Civil Aviation Cybersecurity Rulemaking Committee within a year of passage. Entities and service providers in the aviation industry are encouraged to review their cybersecurity processes in anticipation of forthcoming regulations. Stay tuned for updates on the implementation of these essential cybersecurity measures. #Aviation #Cybersecurity #FAAReauthorizationAct
U.S. Zeroes In on Aviation Cybersecurity With FAA Reauthorization Act
jonesday.com
To view or add a comment, sign in
-
A very topical subject, now is the time to evaluate where we are, how we got here and where we want to be in the aviation security training sector. One things for sure, we’re beyond box ticking.
Transport Security International – Raising Security Training Standards to Improve Preparedness in an Evolving Security Landscape Preparedness facilitates greater alertness of threats to security through continuous assessment of evolving risk, robust and repetitive training and routine practice, as well as clear escalation and response procedures, and ongoing quality assurance. As new, and often unpredictable terrorist tactics emerge, it is imperative that the security industry evolves with the changing security landscape where high-volume public spaces and transport networks have become a prime target for terrorist attacks designed to achieve maximum notoriety. Industry should support working collaboratively towards setting standards for the effective application of security measures and processes in large public spaces and transport infrastructure, underpinned by rigorous and certified training standards, practices and outcomes. Leading the way is aviation security, reinforced by a mandated syllabus and quality assurance framework that is overseen by the Civil Aviation Authority (CAA), with performance and quality-based metrics. The robustness of aviation security training processes enables better preparedness across a broad range of threats and vulnerabilities with a capability that is standardized and reliable in its delivery of threat mitigations which are repeatedly assessed to be assured of their effectiveness. Read the full article just published in TRANSPORT SECURITY INTERNATIONAL below https://lnkd.in/etjMjzDD SUBSCRIBE via www.tsi-mag.com/subscribe ✈ Transport Security International Magazine is the only publication world-wide dedicated to the overlapping technologies of Transport Security - read your copy for free via www.tsi-mag.com/current or for All back issues see https://lnkd.in/egpguEGA If you want to reach this market then contact Sam Stokes who is the publishing director and Joy Finnegan if you want to share your editorial for possible publication. Paul Mason
To view or add a comment, sign in
-
We are passionate that the public should have assurance that security personnel are trained to the highest standard. Our recent article with ✈ Transport Security International Magazine explains how aviation security is leading the way in this and steps that can be taken to improve preparedness.
Transport Security International – Raising Security Training Standards to Improve Preparedness in an Evolving Security Landscape Preparedness facilitates greater alertness of threats to security through continuous assessment of evolving risk, robust and repetitive training and routine practice, as well as clear escalation and response procedures, and ongoing quality assurance. As new, and often unpredictable terrorist tactics emerge, it is imperative that the security industry evolves with the changing security landscape where high-volume public spaces and transport networks have become a prime target for terrorist attacks designed to achieve maximum notoriety. Industry should support working collaboratively towards setting standards for the effective application of security measures and processes in large public spaces and transport infrastructure, underpinned by rigorous and certified training standards, practices and outcomes. Leading the way is aviation security, reinforced by a mandated syllabus and quality assurance framework that is overseen by the Civil Aviation Authority (CAA), with performance and quality-based metrics. The robustness of aviation security training processes enables better preparedness across a broad range of threats and vulnerabilities with a capability that is standardized and reliable in its delivery of threat mitigations which are repeatedly assessed to be assured of their effectiveness. Read the full article just published in TRANSPORT SECURITY INTERNATIONAL below https://lnkd.in/etjMjzDD SUBSCRIBE via www.tsi-mag.com/subscribe ✈ Transport Security International Magazine is the only publication world-wide dedicated to the overlapping technologies of Transport Security - read your copy for free via www.tsi-mag.com/current or for All back issues see https://lnkd.in/egpguEGA If you want to reach this market then contact Sam Stokes who is the publishing director and Joy Finnegan if you want to share your editorial for possible publication. Paul Mason
To view or add a comment, sign in
-
**🛫 Ensuring Safe & Secure Aviation Operations: Key Challenges & Solutions 🛫** The aviation industry faces unique and evolving security challenges. Here are some critical issues and actionable solutions: 1. **Equipment Malfunction & False Signals:** Regular calibration and backup systems ensure technology provides accurate data. 2. **Overdependence on Technology:** Training security teams to spot threats beyond what technology detects reinforces human oversight. 3. **Inadequate Threat Anticipation:** Global intelligence sharing and predictive analytics can help identify emerging risks proactively. 4. **Complacency in Security Procedures:** Regular audits and unannounced drills keep vigilance high and reinforce procedural adherence. 5. **Insufficient Stakeholder Coordination:** Real-time communication systems and joint exercises create seamless emergency response. 6. **Cybersecurity Threats:** Robust protocols, including encryption and multi-factor authentication, help shield aviation systems from cyberattacks. 7. **Human Error in Operations:** Enhanced training and a culture of accountability minimize risks from oversight errors. 8. **Unsecured Peripheral Areas:** Expanding surveillance to less-trafficked zones strengthens perimeter security. 9. **Inadequate Emergency Response Plans:** Comprehensive, rehearsed crisis plans involving all stakeholders ensure readiness for worst-case scenarios. 10. **Resource Constraints in Developing Countries:** International collaboration provides funding and resources to standardize global security. By combining cutting-edge technology, trained personnel, and global cooperation, we can fortify aviation security and ensure safe flight operations across borders. #AviationSecurity #SafetyFirst #GlobalStandards #CyberSecurity #EmergencyPreparedness
To view or add a comment, sign in
-
🚢 Exciting developments in the maritime industry! Sandhya M. and I explore how the new regulation is set to bolster cybersecurity in shipbuilding and operations. 🛡️ As ships increasingly rely on digital technology, the threat of cyberattacks looms large. The recent crash of the Singaporean-flagged cargo ship Dali into Baltimore's Francis Scott Key Bridge serves as a stark reminder of the potential consequences. However, with new rules coming into play, there's hope for enhanced cybersecurity measures. "I need look no further than the very recent Francis Scott Key Bridge incident… any of these fiascos could occur as a result of a cyber incident, putting the ship on an errant course, killing people, and causing considerable physical damage," stated Ilan Barda, CEO of Radiflow, emphasizing the urgency for robust cybersecurity in maritime operations. These sentiments echo the sentiments of other experts like Jongung Choi, PhD, Director of Autonomous Ship Research Center at Samsung Heavy Industries, who underscore the importance of minimizing cyber incidents at sea. The International Association of Classification Societies (IACS) has stepped up, revising regulations to ensure operational resilience and system integrity. With mandatory requirements set to take effect from July 1, 2024, ships will need to adhere to stringent cybersecurity standards, covering both IT and OT equipment integration and third-party equipment security. While these regulations may pose challenges for manufacturers, including increased costs and compliance burdens, the benefits far outweigh the risks. Gabriela Michael, Faculty Member at Symbiosis Law School, highlights the broader consequences cyberattacks could have, emphasizing the need for proactive measures. As we navigate this digital evolution in maritime operations, it's crucial to address third-party risks and vulnerabilities, as highlighted by Ilan Barda. Read more: www.ot.today Thank you: Ilan Barda, Jongung Choi, and Gabriela Michael for your valuable insights. #Cybersecurity #MaritimeIndustry #IACSRegulations #OTSecurity #GovernmentInitiatives #FrancisScottKeyBridge #BaltimoreShipAccident
New Rules for Shipbuilding Focus on IT/OT Cybersecurity
ot.today
To view or add a comment, sign in
3,612 followers
Civil Aviation Legal Expert
5moExciting!