Aviation, like many other industries these days, is highly connected. Airplanes themselves use millions of lines of code to stay airborne; pilots use electronic flight bags to perform their flight management tasks; and there are an increasing number of airlines that offer passengers in-flight Wi-Fi, as well as using this connection to communicate with air traffic control.
However, along with streamlining the work of these companies’ employees, these new technologies also significantly increase the attack surface; and a cyberattack affecting an airplane in flight would clearly have devastating effects. Given this, it is not surprising that, according to a study by SITA, 66% of aviation organizations assign overall responsibility of cybersecurity to a C-suite executive.
It is also important to bear in mind the fact that airlines handle a vast quantity of customer personal data. What’s more, given the nature of this sector, this includes highly sensitive information, such as payment cards and passport numbers. And this danger isn’t theoretical: in September 2018, British Airways was hit by a data breach in which personal data – including passport numbers and credit card details – of some 500,000 customers was stolen.
Case study: National Airways Corporation
Founded in 1946, National Airways Corporation (NAC) has grown to become the largest general aviation company in Africa, and one of the largest of its kind in the world.
The situation
National Airways Corporation’s growth has seen the organization take on global markets and expand into new territories. This has also led to a more mobile workforce. However, with employees traveling and working in remote regions, monitoring activities and threats on their devices has become a major challenge. This was an obvious security concern for NAC.
The problem
With the help Panda Premier partner, Chrono-Logic, NAC identified two key problem areas.
- Securing the organization against advanced cyberthreats.
- Managing and monitoring a vast array of distributed devices.
As Brandon Kennedy, IT Manager at National Airways Corporation says, “We have found one of the biggest threats to our security is what people bring back on their devices. With a remote workforce in high risk areas, where cyberattacks are a daily reality, security is a big concern for us”.
In order to mitigate this threat, NAC needed to ensure that all its devices – both inside and outside its network – were protected, and that it was possible to access them and monitor them remotely.
Evaluation
With these challenges in Mind, ChronoLogic set to work with Panda Security to provide NAC with a global solution that integrated two corporate cybersecurity solutions: Systems Management and Panda Adaptive Defense 360.
The advanced cybersecurity solution Panda Adaptive Defense 360 protects NAC from traditional and advanced threats, such as exploits, insider attacks and hacking attacks. Besides this, Adaptive Defense 360 combines EDR (Endpoint Detection and response) and EPP (endpoint protection), offering a service that classifies all applications that are executed on an organization’s network with total security. Additionally, Panda’s monitoring and remote management software, Systems Management, provides the airline with even more control over the organization’s IT infrastructure.
“Panda’s AD360 was incredibly easy to implement across our network, we were very impressed with how seamless implementation was given the nature of our network. The ability to download the email link meant that we did not have to physically install the solution on individual devices, All the end-user needed to do was click the installation link”, says Kennedy.
The solution
Adaptive Defense 360 and Systems Management are invaluable innovative software solutions for this organization, given the complex, dynamic environment and the efforts made by cybercriminals. “We’ve noticed a marked improvement in the stability of the network, as well as a network free of advanced attacks such as ransomware,” says Kennedy.