The National Academies Press

Currently Skimming:

Pages 20-38

The Chapter Skim interface presents what we've algorithmically identified as the most significant single chunk of text within every page in the chapter.
Select key terms on the right to highlight them within pages of the chapter.

From page 20... ... 20 The initial step to reduce cybersecurity risk is to identify the cyber threats that airports face and the data and systems that may be vulnerable to such threats. The next step is to protect those data and systems by implementing countermeasures that reduce the likelihood of a successful attack. Read the entire page →
From page 21... ... Implementing Countermeasures 21 While malware and virus attacks often manifest themselves on end points, they are carried, often stopped, and sometimes found on network devices. Some of the primary countermeasures that airports can take to protect their IT networks are as follows: Physical protection should be implemented to prevent criminals from gaining access to ports, cabling, and wireless devices. Read the entire page →
From page 22... ... 22 Guidebook on Best Practices for Airport Cybersecurity End-Point Systems End-point systems include desktop computers, laptops, and tablets, as well as personal devices such as smartphones. Within an airport environment, FIDS, a tenant or an airport's POS devices such as parking payment machines, electronic kiosks, and visual paging devices can be considered end-point systems. Read the entire page →
From page 23... ... Implementing Countermeasures 23 perspective, it does create an inconvenience to users, which should be considered as USB devices have become a common way of exchanging data. VPN software should be used to limit access within the airport's network when authorized users log in remotely. Read the entire page →
From page 24... ... 24 Guidebook on Best Practices for Airport Cybersecurity The problem is that cybersecurity best practices and countermeasures commonly applied to IT infrastructure have not been applied to ICS, although many are applicable. This is partially because these devices are often not considered vectors of cybersecurity attack and are therefore not always protected. Read the entire page →
From page 25... ... Implementing Countermeasures 25 Recommended countermeasures for protecting the types of ICS devices found at airports include the following (adapted from Infrastructure Security and Energy Restoration Committee 2007) : Limit connections to ICS so that only those that are needed are left open and those that are left open are properly secured. Read the entire page →
From page 26... ... 26 Guidebook on Best Practices for Airport Cybersecurity Include ICS-specific cybersecurity assurances in ICS procurement requirements. These include system configuration, physical access, authentication, system interconnectivity, malware detection requirements, and a variety of other considerations. Read the entire page →
From page 27... ... Implementing Countermeasures 27 When airport staff and consultants use public Wi-Fi while traveling for work purposes, they should be instructed to take the following precautions: Enable WPA2 security Disable automatic connections to new networks Disable file and printer sharing These basic precautions and others should be reviewed with IT service providers that install Wi-Fi network devices at airports. Security requirements should be considered as a part of the network design and should be required by contract. Read the entire page →
From page 28... ... 28 Guidebook on Best Practices for Airport Cybersecurity data that is encrypted at the cloud provider's site may be visible. Access credentials, if established via a web portal, may also have been intercepted or falsely generated by "man-in-the-middle" attacks (Butler 2014) Read the entire page →
From page 29... ... Implementing Countermeasures 29 of human action or inaction. "In most cases, negligence is the source of a breach. Read the entire page →
From page 30... ... 30 Guidebook on Best Practices for Airport Cybersecurity Attackers often exhibit some common traits, of which legitimate users should beware. These behaviors include the following: • Avoiding conflict by using a friendly approach rather than an aggressive one. Read the entire page →
From page 31... ... Implementing Countermeasures 31 their own devices that are best suited to their needs can also boost productivity. As with rental versus personally owned cars, users are more likely to treat their own equipment better (Citrix 2012) Read the entire page →
From page 32... ... 32 Guidebook on Best Practices for Airport Cybersecurity Scan network logs to determine if mobile devices are being used. If so, determine if they were used in appropriate ways. Read the entire page →
From page 33... ... Implementing Countermeasures 33 Social media, however, introduce a means of exposing information that, in some cases, should be protected. The use of social media in the work place also introduces additional cybersecurity risks that need to be considered. Read the entire page →
From page 34... ... 34 Guidebook on Best Practices for Airport Cybersecurity allow their system credentials to be stolen. Such unintentional behavior can be addressed by providing training and enforcing policy. Read the entire page →
From page 35... ... Implementing Countermeasures 35 A distinction can be made between organizations that provide services to airports (e.g., consultants) and those that provide services at airports but are not engaged by the airport itself (e.g., emergency responders) Read the entire page →
From page 36... ... 36 Guidebook on Best Practices for Airport Cybersecurity vulnerabilities, as well as assessing the likelihood of these vulnerabilities occurring and the impacts they may have. Such specialists can also help an airport prioritize the implementation of countermeasures to address these vulnerabilities. Read the entire page →
From page 37... ... Implementing Countermeasures 37 The choice as to which and how many of these service providers should be tapped is a decision each airport's management needs to make based on the relative cost versus the benefits they can provide. To help navigate the choices that exist, it is recommended that airport senior managers, CISOs, and IT staff prioritize the countermeasures they wish to implement, assess the skills and availability of existing staff resources, and then select external service providers that can augment these internal capabilities to implement desired countermeasures. Read the entire page →
From page 38... ... 38 Guidebook on Best Practices for Airport Cybersecurity Private, Confidential, and Sensitive Information All of these laws, regulations, and legal agreements require airports to protect personal and sensitive information. According to J Read the entire page →

From page 20...

... 20 The initial step to reduce cybersecurity risk is to identify the cyber threats that airports face and the data and systems that may be vulnerable to such threats. The next step is to protect those data and systems by implementing countermeasures that reduce the likelihood of a successful attack.