Cybersecurity: What to Expect from Your Network Service Provider
Cybersecurity: What to Expect from Your Network Service Provider
Connected aircraft technologies have transformed the business jet cabin into a fully functioning office in the sky. From the moment they buckle in until they touch ground at their final destination, busy executives can log onto a fast, reliable onboard Wi-Fi network with capabilities comparable to those they experience on the ground.
With the right combination of hardware, software and cabin connectivity services, business jet passengers can use their connected devices to send emails, surf the internet, upload and download large files, videoconference, access social media, FaceTime and stream video in real time.
Protecting the data – including confidential information – that constantly moves in both directions between the aircraft and the ground is essential in this new digital age. Cybersecurity is a top priority for everyone in the connected aircraft value chain. Complacency is not an option.
Cabin passengers need more confidence that the sensitive information they’re accessing and creating online is better protected from the prying eyes of cybercriminals. They want to know that their communications won’t be corrupted or interrupted during flight. Company leaders expect the flight department and corporate IT to work together to make sure the flow of information is just as secure and reliable on the company jet as it is at corporate headquarters.
Good corporate governance dictates that sound cybersecurity policies, processes and practices extend across the organization. The goal should be to have the same safeguards that secure connected devices, databases and the flow of information on the ground also keep watch at 40,000 feet.
Cybersecurity is a team responsibility. An effective, enterprise-wide cybersecurity strategy includes the flight department and the corporate aircraft fleet, recognizing the onboard network is best protected when it’s viewed as part of the corporate network, rather than as a separate entity. Passengers themselves also have a critical role to play; they need to adhere with company policies and guidelines to help safeguard the personal and proprietary information they handle while onboard.
Network service resellers like Honeywell also play an important role by monitoring and helping to better secure the satellite communications ecosystem in which connected business aircraft operate. They help ensure information travels a more secure path as it flows between connected devices in the cabin to ground stations and points of presence (POPs) on the ground via the operator’s preferred satellite communications technology, band frequency and network.
Chances of a security breach are reduced significantly when passengers use a more secure satellite communications network to connect to a secure corporate network or other internet service provider on the ground.
The first job of a network service provider is to safeguard its own network. Leading network service providers and resellers follow internationally recognized cybersecurity standards and use best-in-class monitoring, authentication, data integrity and encryption capabilities across their networks. For example, Honeywell and others adhere to the National Institute of Standards & Technologies (NIST) 800 Series cybersecurity framework. Honeywell is already preparing for emerging mandates by the European Union Aviation Safety Agency (EASA) and Federal Aviation Administration (FAA), which will take effect in about two years.
Thanks to the diligence of network service providers, today’s leading satellite networks are more secure. The networks used to send and receive data in the business aircraft cabin are the same networks used for flight critical voice and data communications from the cockpit and the same networks that military and government entities rely upon.
Some network service providers go well beyond the central mission of providing users access to a secure network. For example, Honeywell is a leading supplier of satellite communications equipment, software and cabin connectivity services. This gives Honeywell a unique, multidimensional perspective on cybersecurity, which can be applied in the flight department and on the aircraft level.
Honeywell has taken cybersecurity protection to the next level with Honeywell Forge for Business Aviation, its all-in-one in-flight connectivity, flight planning and optimization, and flight database services platform. Cybersecurity is fully integrated as part of the Honeywell Forge platform. The company does not charge extra for basic cybersecurity protection as part of the Honeywell Forge solution.
Honeywell Forge shines a light on cybersecurity threats. The platform provides operators standard cybersecurity protection capabilities and the option of applying an intrusion-detection solution that monitors the network to help detect security problems, displays the nature and severity of any problems detected and provides an alert to anyone with a need to know. Users can preset alert thresholds at preferred levels, so they get the information they want and need and aren’t bothered by nuisance alerts, which has been an issue with some intrusion-detection software.
Building on more than four decades of experience in cybersecurity, Honeywell has fielded an expert team of specialists dedicated to meeting the specific needs of business aviation customers. The company uses techniques proven in other industries, like petrochemicals and manufacturing, and applies them to the specific needs of business aviation. Honeywell Connected Enterprise team members are often called upon to audit customers’ cybersecurity status, identify weaknesses and recommend ways to extend corporate policies and practices to the flight department and aircraft fleet.
The business aviation community has a good record when it comes to cybersecurity. Network service providers regularly detect intrusion attempts, but the vast majority of these are either false alerts or register at the very low end of the 1-5 (low-critical) risk level, which puts them in the category of nuisance alerts.
Even so, this industry needs to continue to focus on cybersecurity. With the proliferation of connected cabins and increased sophistication of cybercriminals of all kinds, complacency is not an option. Choosing a highly capable connectivity services provider is a big part of the solution.