Cybersecurity

As airports continue to embrace digital transformation and rely on advanced technologies, safeguarding critical assets and sensitive data has become paramount. In this current digital age, the aviation industry faces an ever-evolving landscape of cyber threats, making robust cybersecurity measures a necessity.

Through advocacy and the development of programs and services, ACI World is fully committed to developing safe and secure airport operations in the realm of cybersecurity. Our comprehensive approach focuses on equipping airports with training, tools, and guidance to mitigate risks, detect and respond to threats, and build resilient systems.

Useful links

APEX in Cybersecurity

Cybersecurity Publications

Cybersecurity Training

Cybersecurity Articles

Cybersecurity Webinars

APEX in Cybersecurity

The APEX Cybersecurity Assessment program is an onsite airport review led by industry peers and experts and serves as a starting point for assessing cybersecurity practices at airports. The program provides a holistic and proactive approach to assessing and enhancing an airport’s cybersecurity posture.

Learn more about APEX in Cybersecurity

Cybersecurity External Resources

Below is an overview of regulations, standards, and guidance related to aviation cybersecurity at a global level. It is meant to be a starting point and will be regularly updated.

For more information, comments, and suggestions related to this web page, or if you would like to engage with us on aviation cybersecurity, please contact us at airportit@aci.aero.

International Instruments

ICAO Cybersecurity Action Plan – The ICAO Cybersecurity Action Plan was developed to support States and the industry in the adoption of the Aviation Cybersecurity Strategy. This document provides fundamental information for ICAO, States, and the industry on the proposed principles, measures, and actions to achieve the objectives of the Aviation Cybersecurity Strategy.

ICAO Cybersecurity Policy Guidance – ICAO has developed guidelines relative to the protection and resilience of critical infrastructure against cyber threats within international civil aviation.

Cyber Industry Framework

NIST Cybersecurity Framework (CSF) 2.0 | Workshop #2 – The NIST Cybersecurity Framework 2.0 offers an updated and comprehensive set of guidelines and best practices designed to help organizations manage and reduce cybersecurity risks effectively. 

MITRE ATT&CK Framework – MITRE ATT&CK is a comprehensive knowledge base and methodology for understanding and categorizing the tactics, techniques, and procedures (TTPs) that adversaries use to compromise and navigate through computer systems.

ISO/IEC 27001 Standard – Information Security Management Systems – ISO/IEC 27001 provides a model to facilitate the process of establishing, implementing, operating, monitoring, reviewing, maintaining, and improving an information security management system. 

Aviation Industry Cyber Specific

Aviation ISAC (a-isac.com) – The A-ISAC website is a valuable resource for aviation-specific cybersecurity threats and intelligence sharing.

AirCyber – Air Cyber is a collaborative program for the standardization and increased maturity of cybersecurity levels.

IATA - Aviation Cyber Security – From the airline industry side, IATA also supports shaping the nature of how the industry responds to cyber security challenges.

ATM cybersecurity maturity model | EUROCONTROL – The Cybersecurity Maturity Model describes a range of capabilities to be adopted in an organization for an effective approach to cybersecurity.

SafeSkies – The National Safe Skies Alliance, Inc. is a non-profit organization that works with airports, government, and industry to maintain a safe and effective aviation security system.

Cybersecurity Courses

ACI’s training in cybersecurity provides airports with a comprehensive offer intended for all levels of airport managers and specialists. Through our training programs, ACI provides individuals with the knowledge and tools for the effective management of cybersecurity for their airport’s systems, networks, and data.

Learn more about cybersecurity training

Publications

ACI World produces cybersecurity publications highlighting best practices and industry driven statistics and analyses. Browse our list of publications below to gain insight on the industry and to find resources dedicated to improving airports cyber environment.

View all publications

Cybersecurity Incident Response Guidelines White Paper, First Edition
Cybersecurity Implementation Handbook
Cybersecurity for Airport Executives Handbook

ACI World Insights

Access the latest expert opinions, global tends and data-driven insights on the ACI World Insights blog. Stay informed to make strategic decisions that drive innovation in the airport and wider aviation sector.

View all articless

Cybersecurity-by-design – from an airport IT enterprise architecture perspective

Leong Yuh Khee, Senior Vice President of Airport Operations Technology & Corporate IT at Changi Airport Group, along with Chan Wee Lee, Associate General Manager of Airport Operations Technology & Corporate IT, and Jimmy Wong, a member of his team, explore the concept of cybersecurity-by-design from an IT practitioner’s perspective without delving into specific technical options. Cybersecurity-by-design is a mindset. Enterprise architecture is a discipline. Mindset is about how one views, values, and approaches things. It influences one’s behaviors, priorities, and how one judges whether an action is right, effective, and worth spending time...Read more
Ways to reduce DDoS attacks on airports

Eric Vautier, the Chief Information Security Officer of Groupe ADP, discusses the changing nature of DDOS attacks. He also discusses the strategies to safeguard airport websites, information systems, and infrastructure against such attacks. A Distributed Denial of Service (DDoS) attack occurs when a website or online service is overwhelmed with excessive internet traffic. Excessive traffic can cause the website or service to malfunction. DDoS attacks can take various forms, including volume-based attacks, protocol-based attacks, and application layer attacks. DDoS attacks have been around for a long time; however, we can observe new trends...Read more