As the number of IT-related components in the airline business grows, so does the importance of security and reliable, accessible IT infrastructure. Airlines have many stakeholders – including regulators, manufacturers, customers, airport operators and others – and millions of employees worldwide. Internet of things, or IoT, technologies are playing major roles in making air travel more efficient and improving the passenger experience. The number of IoT gateway technologies, such as beacons and sensors to provide passenger information, is taking off. Moreover, the industry is making huge investments in connected aircraft, smart baggage tracking systems and mobile check-in technology.
Between aircraft, airports, airline IT network operations, dispatch and other stakeholders, there is increased geographical scattering of data collection points. In addition, more data is being collected, and more vendors are accessing airline data to improve operations, passenger management and other core operational functions, which may rely on unsecure legacy applications and platforms. Here, cybersecurity is a higher priority than ever.
Airline Security Challenges
Digital technologies enable airline companies to communicate effectively with suppliers, partners and service providers. Airlines, airports and aircraft manufactures are employing IoT to improve efficiency and product quality; optimize asset use; reduce downtime; and allow sales, logistics and the boardroom to act quickly on real-time production information. With more people accessing more data and networked devices, as well as capabilities like in-flight Wi-Fi, today's aviation industry needs a better, more efficient way to thwart new threats and maintain security.
Palo Alto Networks® Security Operating Platform helps airline companies compete in the global marketplace and capitalize on new technologies without compromising security or uptime. The platform offers real-time visibility and cohesive, coordinated security across clouds, networks, endpoint devices and content, reducing cyber risk.
Airline companies around the world use Palo Alto Networks to:
Figure 1: Typical airline IT network/ecosystem and systems
Palo Alto Networks offers coordinated and automated threat prevention, enabling you to embrace new technologies that improve your competitiveness while vastly reducing the operational burden on IT and security teams.
Palo Alto Networks WildFire® cloud-based threat analysis service works with other platform elements to:
Network segmentation that is simple-to-manage, yet granular, is key to preventing successful cyberattacks while serving the diverse needs of employees, subcontractors, the supply chain and other valid network users. Segmenting network zones based on asset sensitivity as well as controlling which users and applications can access each segment will provide another level of access control to sensitive data or applications. The platform continuously scans for threats entering segments, reducing the risk of threats moving laterally through your network, and content scanning reduces the risk of data exfiltration. The platform also enables you to:
Integration, automation, speedy correlation and other tools in the platform dramatically reduce events per analyst hour, helping the industry build security teams or next-generation security operations centers that scale without adding more staff. Existing staff can improve response times, focus on critical events, and spend more time anticipating and foiling future attacks.
Security capabilities that continuously communicate and update one another speed up new threat prevention while reducing cost and management overhead. You can start with one capability and add new ones to the platform over time, growing protection levels without the cost and complexity of installing and managing new network devices. Consolidated visibility, policy creation, management, event logging, reporting and forensics across security capabilities will simplify operations and compliance as well as reduce the potential for misconfigurations, outdated policies or overlooked threats.
The platform approach reduces silos of information and manual intervention for overburdened IT and security teams. These natively integrated elements share security context and work together to automatically prevent quickly changing threats from affecting your endpoints, networks or data:
Applications are transforming from a collection of isolated, proprietary offerings to interconnected systems that use IP and commercial off-the-shelf products. New innovations can help optimize operations and reduce costs, but they can also increase your level of cyber risk. Beyond comprehensive threat prevention, Palo Alto Networks Security Operating Platform secures networks in several ways, helping you to:
Reduce risk and increase visibility in your modern airline environment whether your company owns the mobile devices or not.
Extend the security of your on-premise network to public clouds – Palo Alto Networks VM-Series virtualized next-generation firewalls provide the same capabilities for the cloud as our hardware appliances do for physical networks. Protect Amazon® Web Services and Microsoft® Azure® environments from advanced threats while providing application-level control between workloads, policy consistency from the network to the cloud, fast deployment, and dynamic security policy updates as workloads change.
SaaS applications are traditionally invisible to IT. Control which SaaS applications you allow with Aperture, and safely enable employee and partner activity within sanctioned applications.
Some critical processes depend on hardware running operating systems or browsers that are no longer supported. Traps eliminates the need for constant patching and prevents cyber breaches on vulnerable assets by automatically identifying and stopping attempted exploits. By leveraging the latest insights from WildFire, Traps also prevents new threats from affecting endpoints, enabling you to adopt a mindset of prevention, not just protection.
Protect the data center perimeter and prevent lateral movement as well as accidental data exposure by segmenting your data center into several Zero Trust zones. Create policies for each network segment that define which users and applications have access, and block certain types of content from leaving the segment. You can use the Security Operating Platform to: