Presenter Email
Gary.Kessler@erau.edu
Location
Jim W. Henderson Administration & Welcome Center (Bldg. #602)
Start Date
8-15-2018 9:30 AM
End Date
8-15-2018 10:45 AM
Submission Type
Presentation
Keywords
aviation, cybersecurity, information security, aerospace, aeronautics
Abstract
Information security—aka cybersecurity—is the most rapidly growing threat to critical infrastructures, including the aviation industry. Due to the plethora of digital devices, ubiquity of the Internet and other networks, and the rapid growth in the adoption of technology, everyone is an information system security manager. Every professional in the aviation and aeronautics industry use computers, mobile devices, tablets, GPS devices, and/or other hardware on a daily basis, as well as go online for a variety of reasons.
Attacks on information have been ongoing since the inception of the industry a hundred years ago, in such forms as intellectual property theft and industrial espionage. But the threats today have expanded to use the Internet as a threat vector, used by cybercriminals and other professional attackers on aerospace and defense organizations, creating national security vulnerability and an existential threat to the industry.
This presentation will present a high-level view of the threat vectors in the aviation industry. The different sectors within the industry will be described and potential threat vectors within the sectors identified. The "systems of systems" comprising the industry will be addressed in order to demonstrate how threats can emanate from one "trusted" organizations to another. Points of entry for cyberattacks will be addressed, such as networks, communications systems, the Internet of Things, and human error.
Presenter Biography
Gary C. Kessler, Ph.D., CCE, CISSP, is a Professor of Cybersecurity and chair of the Security Studies & International Affairs Dept. at Embry-Riddle Aeronautical University in Daytona Beach, Florida. Gary's research interests include digital forensics, cybersecurity, and cyberdefense, with a particular interest in aviation and maritime cyber issues. Gary is also president and janitor of Gary Kessler Associates, a training and consulting company specializing in computer and network security and digital forensics; Adjunct Professor at Edith Cowan University in Perth, Western Australia; and a member of the North Florida and Hawaii Internet Crimes Against Children (ICAC) Task Forces. Gary is the author of two professional texts and over 70 papers and articles, and a frequent speaker at regional, national, and international conferences. He is also an editor, and past editor-in-chief of the "Journal of Digital Forensics, Security and Law." Gary is a Master SCUBA Diver Trainer and U.S. Coast Guard licensed captain. More information about Gary can be found at his Web site, http://www.garykessler.net
Original PowerPoint, Full-res
Aviation Cybersecurity: An Overview
Jim W. Henderson Administration & Welcome Center (Bldg. #602)
Information security—aka cybersecurity—is the most rapidly growing threat to critical infrastructures, including the aviation industry. Due to the plethora of digital devices, ubiquity of the Internet and other networks, and the rapid growth in the adoption of technology, everyone is an information system security manager. Every professional in the aviation and aeronautics industry use computers, mobile devices, tablets, GPS devices, and/or other hardware on a daily basis, as well as go online for a variety of reasons.
Attacks on information have been ongoing since the inception of the industry a hundred years ago, in such forms as intellectual property theft and industrial espionage. But the threats today have expanded to use the Internet as a threat vector, used by cybercriminals and other professional attackers on aerospace and defense organizations, creating national security vulnerability and an existential threat to the industry.
This presentation will present a high-level view of the threat vectors in the aviation industry. The different sectors within the industry will be described and potential threat vectors within the sectors identified. The "systems of systems" comprising the industry will be addressed in order to demonstrate how threats can emanate from one "trusted" organizations to another. Points of entry for cyberattacks will be addressed, such as networks, communications systems, the Internet of Things, and human error.
Comments
Presented during Session 8: Technology in Aviation