Protecting Aviation Critical Infrastructure from Cyber Attacks
November 6, 2021
Hosted by Rebecca Herold
The US Transportation Security Administration (TSA) recently announced they are requiring critical US airport operators, passenger aircraft operators, and all-cargo aircraft operators to designate cybersecurity coordinators, and to report cyber incidents to the Cybersecurity and Infrastructure Security Agency (CISA). Lower-level transportation organizations are encouraged to follow the rules as well. Why hasn’t this been done before now? Will it be enough to protect the highly complex and diverse system of air travel, and related aircraft and other equipment, within the US? Especially as new tech continues to emerge, and each traveler and aviation industry worker has on average two to ten (and more) mobile and IoT devices with them at all times, a large portion of which are connecting in and out of those many aviation network systems? Will this effort provide a model for more secure air travel in other countries? Don’t miss this compelling and informative episode! Listen to hear and learn many real-life lessons from a cybersecurity and privacy expert, and longtime practitioner who was, and still is, a CISO for multiple organizations and built cyber security programs within the aviation industry. We discuss a wide range of topics, such as: • The state of cybersecurity in the aviation industry, and how only recently cybersecurity management leadership positions were established. • How cybersecurity is significantly underfunded in aviation organizations, and how aviation CISOs can use Cecil’s advice to increase support for cybersecurity efforts and investments. • The cybersecurity weak points throughout airport systems and associated physical ecosystems. • The importance of addressing cybersecurity throughout the entire lifecycle of all aviation projects, from concept consideration through retiring aircraft and equipment. • The ways in which being multi-lingual supports better cybersecurity management, not only for critical infrastructure industries, but in all industries. See more about Mr. Cecil Pineda in the bio posted with this episode description on this VoiceAmerica show site. #Cybersecurity, #RiskManagement, #CriticalInfrastructure #AviationSecurity #RiskManagement #NationalSecurity #CecilTheCISO #CriticalInfrastructureCyberSecurity
Data Security and Privacy with the Privacy Professor
New shows the first Saturday of each month at 8 AM Pacific Time on VoiceAmerica Business Channel
There are more information security and privacy threats than ever before. As more technologies emerge, more surveillance tactics are used, and more artificial intelligence systems are deployed, cybersecurity and privacy risks grow exponentially. Rebecca has spent her entire career working to improve information security and privacy protections, by not only raising awareness of the issues within businesses and other types of organizations, but also by raising the awareness of these risks in the public and helping them to understand how to better protect their own personal data, allowing them to take their privacy protections into their own hands. Rebecca offers information about these existing and emerging security and privacy risks and provides fresh insights into the impacts of exploiting these risks, and gives guidance, tips, expert advice and news, with fascinating guests, to help all organizations, and the general public, understand what they need to do to mitigate these risks.
Rebecca has 25-plus years of systems engineering, information security, privacy and compliance experience, is CEO of The Privacy Professor(R) consultancy she founded in 2004, and Co-Founder/CEO of Privacy Security Brainiacs online services, where Rebecca engineered the systems and created all the content, including automated risk assessments and training courses. Rebecca has authored 20 books, contributed to dozens of other books, and published hundreds of articles. Rebecca led the NIST Smart Grid Privacy Subgroup for 7 years, a member of the NIST Privacy Framework development team, and is a NIST Cybersecurity for IoT Program team member. Rebecca has provided expert witness services for HIPAA compliance, IoT security, privacy and location tracking, retirement community members’ personal data misuse, and other cases. Rebecca was co-founder and officer of the IEEE P1912 Privacy and Security Architecture for Consumer Wireless Devices Working Group, and is on numerous advisory boards. Rebecca was Adjunct Professor for the Norwich University MSISA program for 9 years. Rebecca has received numerous awards, including named as a Top 100 Women Fighting Cybercrime and a Cybersecurity Woman of the Year. Rebecca has provided keynotes on 5 continents and is frequently interviewed on TV and in international publications. Rebecca holds the following certifications: FIP, CDPSE, CISSP, CISA, CISM, CIPT, CIPM, CIPP/US, FLMI. Ponemon Privacy Fellow. Rebecca is based in Des Moines, Iowa, USA.