Sydney Airport is preparing to open a new 24/7 Security Operations Center (SOC) to mitigate the growing risk of data and information security threats.
The organization revealed the news in its annual report, claiming the first phase of the SOC, also described as a “Security Control Centre,” would be complete by April 2019 in concert with an unnamed managed security services provider.
It highlighted cyber-attacks as a key operational risk alongside aircraft accidents, terrorism, climate change and the threat of war — noting that the airport is a “critical piece of national infrastructure.
“With the security threat landscape evolving rapidly, we have continued to focus on managing current and emerging cyber risks. A refreshed Information and Cyber Security 2020 strategy has been at the center of our cyber programs to drive security governance, improved maturity levels, and stronger user awareness via security culture campaigns,” the report said.
“We work closely with the Australian government via the Joint Cyber Security Centre (JCSC) and are partnering with the Aviation Information Sharing and Analysis Centre (ISAC) on global aviation cyber security intelligence.”
The investment is well-timed: a report from PA Consulting Group last year warned that digital transformation programs including growing use of IoT mean that airports are at a far greater risk of cyber-attack than ever before.
In Europe, the new NIS Directive also requires key organizations in the transportation sector, including airport hubs, to follow a strict set of best practice security guidelines or risk GDPR-level fines.
Also last year, a New South Wales firm that issues aviation security identity cards was hacked, leading to concerns that security at Australia’s airports may have been compromised.
In the UK, Bristol airport suffered a ransomware attack last year that forced airport staff to hand write flight information updates on whiteboards for two days.
Sydney Airport claimed it will continue to invest in technology this year to enhance the customer experience as well as network resilience and cyber-risk management.