The Silent Threat of Interconnectivity

29 Apr 2021

pics — Genetec's Cheryl Stewart, Industry & Application Marketing Analyst (above) and Giovanni Taccori, Commercial Lead Airport APAC.

The adoption of digital technology to transform services or businesses – better known by the phrase digital transformation – has risen to the top of airport agendas. An unexpected side-effect of the pandemic has been the acceleration of the digital transformation process. Concerningly though, the increase in connectivity brings with it an increase in the risk of cyberattacks as Genetec's Cheryl Stewart, Industry & Application Marketing Analyst and Giovanni Taccori, Commercial Lead Airport APAC explain.

According to a recent survey done by Genetec across 1500 physical security professionals, 67% responded that cybersecurity is going to be a priority in 2021 and beyond. The remaining 33% struggle to balance allocating resources to focus on cybersecurity or other security risks associated with their complex operational environment.

As systems and hardware continue to become increasingly interconnected, we inadvertently open ourselves to new risks and vulnerabilities from cyber threats. The World Economic Forum predicts that digital transformation will hit $100 trillion in value globally by 2025. Consequently, they also expect that the potential costs could go up to $90 trillion in net economic impact by 2030 if cybersecurity efforts do not keep up with the growing interconnectedness of people, data, and assets.

So, how can organizations find that balance between digitization, connectivity, and cybersecurity?

Digitization, connectivity and cybersecurity

Over the past years, digital transformation has accelerated in airports, especially in passenger-facing services such as check-in kiosks, bag-drop, and self-boarding passes. However, improvements to back-end systems such as IT and security systems lag behind. Leaving back-end systems to age hinders the potential enhancements to airport operations in the long run. Moreover, outdated systems often get pushed to their limits by digitization. This increased load makes them more vulnerable to attack as resources are stretched thin.

Based on a recent study by cybersecurity firm Immuniweb, 97 out of the top 100 largest airports in the world failed basic security checks made to test the strength of their security system. According to another study conducted by the European Aviation Security Agency (EASA), an average of 1000 cyber-attacks occur each month in airports. These are indeed concerning numbers as airports are increasingly exposed to such breaches as they move into this digital age where the majority of systems and hardware within organizations are interconnected.

So, the question is, what can airports do to harden their cybersecurity infrastructure to prevent such breaches from tarnishing their reputation and affecting their bottom line? And since removing digital transformation from the equation is not a viable option, what are some key tips for airports to improve their cybersecurity position?

Invest in a reliable security system: As cyberattacks evolve, looking for a security system designed and developed with cybersecurity in mind is mandatory. Cybercriminals have gone from lone wolf hackers to more sophisticated and organized groups. Search for a solution designed with several security layers, employing advanced authentication and encryption technologies. A reliable security system anticipates and prevents breaches. It can report what’s happening in the airport environment and what actions to take to get the airport back on track. The solution should also be flexible. One that can adjust with industry requirements - providing system maintenance and updates regularly. Understanding how to harden a cybersecurity platform is key.
Protect physical security just as much as cybersecurity: Your cybersecurity is only as strong as your weakest link. Edge devices are often a weaker link due to the misconception that a camera or an access control reader cannot be an attack vector. However, these devices remain part of the connected airport system, which means cybercriminals can access and compromise internal systems through vulnerable physical assets that serve as network access points. Hence, specific measures need to be put in place to ensure the protection of physical asset and its management system. This begins as early as carefully selecting trustworthy vendors throughout the physical security supply chain and verifying their cybersecurity commitments.
Explore airport-specific security solutions: Airports, like all industries, face their own distinct challenges. Having a security system that tackles airport-specific problems is ideal in safeguarding its system. These days, buying into a system that only serves one purpose is short-sighted. Security systems should not limit themselves to providing airports advanced protection. They should also enable airports to leverage data collected within the system to uncover insights that can optimize airport operations and passenger experiences.

Moving forward

As systems and environments continue to evolve, so should the approach towards new risks and vulnerabilities. Adopting a holistic approach towards cybersecurity and physical resilience should be the new framework moving forward. Do not let the silent threat of interconnectivity take control of your security environment.

Affiliate World Business Partner Genetec Inc is a leading technology provider of business intelligence, unified physical security, public safety, and operations for many sectors, including airports. Genetec develops open-platform software, hardware and cloud-based services for the physical security and public safety industry.