Airport Business

OCT 2014

The airport professional's source for airport industry news, articles, events, and careers.

Issue link: http://airportbusiness.epubxp.com/i/397645


COVER STORY

verification.

"On your perimeter, you have firewalls and intrusion detection systems, and a variety of systems that monitor and protect your network," Nessi says. "You have technology to protect your data and technology to protect your applications. You have technology that protects your interaction on the Web. You have technology that protects your desktop environment. And now we have technology that protects our mobile devices."

Allen recommends also adding application whitelisting to the airport cyber security arsenal, noting that this technology can prevent up to 80 percent of the threats trying to sneak in. This technology locks down a computer so that it will only operate those applications a user needs to perform his or her job. If a user clicks on an email containing malware, the malware won't execute and the technology quarantines it. "This gives network administrators time to respond and deploy their defenses," he says.

Though technology used in the Defense in Depth strategy aids in early detection by looking for suspicious network activity, it may not be enough and threats may still slip through.

Gazit stresses, "Early detection is one of the biggest holes in cyber security today. It's unacceptable to think about an airport or an airplane that doesn't have smoke detectors. But we don't always have cyber attack detectors in airports. Yet detection is an extremely important part of cyber security."

And while technology can cull through the network looking for suspicious activity, human eyes still need to review these logs every single day, warns Nessi. "Analysts need to look at these logs to see if there is anything there," he says. "If they think there is something going on, they need to report it."

THE HUMAN FACTOR

"People forget the Internet was built with very few safeguards internally. It was built for transmitting traffic in data packets. It was built to facilitate communication. The human element of it has made it a dangerous place to be," Nessi says.

For this reason, Defense in Depth also includes employee training and education. LAWA provides annual cyber security training for its workers.

Says McCarthy, "We need to educate all levels of the organization in sound simple practices. Airports could stop 90 percent of all cyber security issues by properly training all members of the organization."

Nessi agrees: "Most problems start at home. You need to make sure your organization is educated and you have policies in place."

The Multi-State Information Sharing and Analysis Center is considered by many as 'the' focal point for cyber threat prevention, protection, response and recovery for the nation's state, local, tribal and territorial governments. This CERT organization offers Web-based training that Allen says can greatly enhance employees' cyber security knowledge.

Training should cover good cyber hygiene, which McCarthy describes as everything from password protection, to phishing emails, to forbidding the use of USB devices. He explains that most people see USB devices as secure but they are actually one of the most common ways to infect a network. "People plug those into a machine and format them, which erases evidence of a virus, but by then it's already contaminated the system," he says.

LAWA also monitors traffic to see what employees are doing on the network and blocks sites such as Facebook and Twitter because, as Nessi says: "Not only are they distractions but there is the potential for malware on these sites."

"The utilization of your organization's system is not a personal right of an employee," he explains. "Anything and everything done on a work computer is subject to review by the organization. Probably 50 percent of all organizations allow some personal browsing on the Internet as long as it doesn't interfere with work. But in other organizations that's prohibited. Every organization has a different threshold for risk."

Acceptable use policies presented at orientation teach employees what their limits are, according to Allen. "You have to start with policies so that at least employees know what they can and cannot do," he says. "They know that these are the things they will be accountable for."

The caveat, however, is that "none of this will happen without any money," he adds. "If you're not going to fund it, then you'll just wait until you get hacked. And airports will get hacked eventually. That's one of the things the ACRP (Airport Cooperative Research Program) said upfront. They said there will be apathy until an attack occurs because there is a lack of direct economic incentives to do it."

But as Target and Home Depot learned when their systems were breached, the economic impact can be in the hundreds of millions of dollars. "The moment they start understanding the connection between cyber security and their business, they'll get serious about the funding," he says.

ANDRE ALLEN: HOW TO BUILD YOUR DIGITAL DEFENSES

• Figure out where you are. "What is the current state of your cyber security?" he asks. What are you protecting currently? What vulnerabilities exist?
• List the systems that you have. Allen recommends classifying the systems by asking the following questions:
    • What kind of systems are they?
    • Are they critical systems? These would be systems that if down could cause major disruptions or a loss of life.
• Prioritize protection. After identifying the systems, determine which are most critical to protect. "You can't do everything—that's a given," he explains. "Nobody has enough funding to do everything."
