Supporting Implementation Strategies — Information Management and General Administrative Services — IT Security

IT Security


ICAO as a knowledge-driven organization recognizes that its success depends on the efficient use of gathered collective institutional knowledge. Inadequate information security management creates a substantial business risk that threatens not only important organizational assets but also business processes essential to the continued operations of the Organization. ICAO realizes that information is a critical asset and the way in which information is managed, controlled and protected has a significant impact on the Organization’s ability to achieve its strategic objectives. The increasing reliance on information calls for a strategic and operational effort to ensure the confidentiality, integrity and availability of valued information assets.


In 2017, ICAO completed a holistic organization-wide security posture assessment, which included in-depth threat examination, vulnerability assessment, past incident analysis, risk analysis, capability maturity evaluation and other security tests. Based on the results of the assessment, an Information Security Master Plan was developed, which contains an information security vision and strategy for ICAO, as well as an implementation plan (roadmap) for the next three years. Within three years, information security risks are expected to be properly addressed, as well as the capabilities and processes required to control and actively manage the potential future security incidents to be adequately established. ICAO’s information security programme also aims at fostering key capability in addressing the targeted threats that ICAO is facing.


In addition, comprehensive short-, medium- and longer-term plans were developed for strengthening the Organization’s information security posture and addressing incident response and recovery. Implementation activities include the introduction of multi-factor authentication for several services, improved logging and logging aggregation through a Security Incident and Event Management (SIEM) tool, revised change and configuration control management (CCM), revised software quality assurance process, centralized reverse proxy and application delivery as well as managed Services for Advanced Threat Detection.

Share this page: