Industry Insight Special Report
MRO industry unprepared for cyber attacks
November 1st 2018
The Asia-Pacific airline MRO industry must urgently develop a comprehensive framework for mitigating and managing cyber risk, aviation risk analysts universally agree. Read More » They estimated criminal syndicates of hackers cost economies worldwide half a trillion dollars this year and that the profits of the fraudulent global business continue to grow.
Approximately 90% of the world’s airlines have a security strategy in place to fight off a cyber attack, but only 41% of carriers have established cyber security protection for their third party vendors. MROs themselves are the least protected, with 9% of the industry prepared to defend a cyber assault.
Fifty per cent of major airframe, engine and component manufacturers told the authors of the 2018 Oliver Wyman MRO report they could deflect a cyber attack, it said.
Systems vulnerability can take many forms at airline MROs and OEMs in the Asia-Pacific, especially as digitalization grows in the industry. Chief among them are the ability of hackers to penetrate an MRO defence wall via a less protected third party supplier, varying standards for cyber security that allow hackers to operate across borders, lack of uniformity in the industry’s approach to cyber security and the constant rotation of data through several networks that allows the hacker to remain anonymous as he or she seeks their ultimate destination.
In general, digitalization should be a point of acute attention in fighting off cyber attacks because unsecured data allows access points to other data that may not be protected. “It makes everyone vulnerable because potential targets, especially smaller companies, do not have the cyber preparedness of larger resourced companies, “ the Oliver Wyman report said.
All aviation MROs, and the industry at large, should establish a cyber security policy based on the National Institute of Standards and Technology of identity protection, detection, respond and recovery.