Cyber Safety and Security
Acknowledging the urgency and importance of protecting civil aviation’s critical infrastructure, information, and communication technology systems and data against cyber threats, the 39th Session of the ICAO Assembly called for a coordinated approach to achieve an acceptable and commensurate cyber resilience capability on a global scale. To that end, Resolution A39-19 — Addressing Cybersecurity in Civil Aviation set out the actions to be undertaken by States and other stakeholders to counter cyber threats to civil aviation through a cross-cutting, horizontal and collaborative approach.
Furthermore, the 39th Session of the Assembly instructed ICAO to lead and seek to attain a comprehensive cybersecurity work plan and governance structure with all relevant stakeholders. To that end, ICAO established the Secretariat Study Group on Cybersecurity (SSGC) under the lead of the Deputy Director, Aviation Security and Facilitation. The SSGC met to establish its Terms of Reference and its technical working groups focusing on cyber issues related to current and future air navigation systems, airworthiness (including remotely piloted aircraft systems (RPAS)), aerodromes and legal aspects. The SSGC closely coordinates with the Working Group on Threat and Risk (WGTR) to develop and maintain appropriate risk matrices related to cybersecurity.
Ongoing coordination with States, industry and key stakeholders on this issue has highlighted the need to reduce existing vulnerabilities to avoid cyber disruptions in the air navigation system. In April, the ICAO Cyber Summit was held in the United Arab Emirates. In September, the United States Government facilitated a session of simulated cyber scenarios, referred to as a “table top exercise”. In December, cyber issues were a focus of discussion at the Global Air Navigation Industry Symposium (GANIS/2).