Safety
Air navigation service providers need a flexible security platform that allows them to address threats to systems old and new.


Pete Clay, Chief Information Security Officer at Aireon

ANSP account credentials available for sale on the dark web has risen approximately 18% over the last 12 months.
“These trends highlight a broader underlying issue: insufficient cybersecurity resources within many ANSPs,” says Pete Clay, Chief Information Security Officer at Aireon. “Attackers frequently capitalise on this resource gap, exploiting it as the primary vulnerability. As threats intensify, continuous monitoring, vigilant management of cyber risk, and strategic allocation of cybersecurity resources become increasingly essential for ANSPs worldwide.
The CANSO Cybersecurity Working Group (CSWG) will be pivotal moving forward. Its threat intelligence programme systematically monitors cybersecurity risk indicators for ANSPs and over the past year has recorded a troubling increase.
CSWG research reveals that the presence of ANSP account credentials available for sale on the dark web – a significant indicator of compromised credentials – has risen approximately 18% over the last 12 months. Additionally, there has been an 11% in ANSP computer systems infected by malicious software. The latter is particularly concerning as it indicates potential active intrusions into critical infrastructures responsible for maintaining air traffic safety.
Cybersecurity remains a critical challenge for air navigation service providers (ANSPs).


Andy Boff, Technical Director for Cybersecurity at Egis

Every system, whether it is newly deployed or has been in service for decades, possesses a distinctive blend of factors that impact its operational risk profile.
Although age is perceived as a key driver of system vulnerability, that is not always the case. Age does, however, have a significant impact on the defensive measures necessary to safeguard it effectively. Tailored approaches are required to mitigate potential risks.
“For instance, these systems may be incompatible with modern network standards or simply lack the capability to be accessed from remote locations,” says Andy Boff, Technical Director for Cybersecurity at Egis. “Although the inability to network might initially appear as a limitation, it can also act as a defensive advantage by reducing exposure to external threats. In such cases, the paramount concern shifts from external cyber intrusions to the physical security of the system itself.”
If a legacy system cannot be accessed remotely, attackers would likely need to gain on-site access to compromise it, making physical security controls – such as restricted entry points, surveillance, and secure facility design – more critical. Boff adds that though aviation has a strong history of maintaining effective physical security, the increasingly interconnected world of aviation cannot rely on this forever and continued investment in cybersecurity is needed.
Modern systems, by contrast, are more at risk remotely and can present easier paths of access but they have cybersecurity measures built in to mitigate this possibility.
Old or young, ANSPs need to understand and assess each system’s unique risk profile. Cybersecurity requires the identification and mitigation of every possible vulnerability vector, including human factors and physical threats.
“An effective risk assessment process examines how systems are used, the sensitivity of the data they handle and the security controls in place to protect them,” Clay notes. “By focusing on these broader considerations, organisations can develop a comprehensive strategy that addresses both advanced cyber threats and the more traditional risks posed by physical access.”


Cybersecurity strategies talk of an organisation’s “attack surface”, the extent of system vulnerabilities. The bigger the attack surface, the bigger the problem.
This has spurred the development of specialised attack surface management solutions designed to enable organisations to conduct proactive vulnerability assessments and limited penetration testing. By identifying weaknesses before malicious entities do, organisations can mitigate risks early and protect their critical assets more effectively.
But such solutions are not easy to implement. They require investment, licensing, integration and maintenance. Furthermore, dedicated personnel must oversee them, interpret the findings, prioritise mitigation efforts and continually refine the security posture. In short, they are resource intensive.
“In this regard, understanding and minimising an organisation’s attack surface is only one part of the overall equation,” he adds. “Ensuring sufficient resources to enforce and sustain security measures is the ultimate safeguard against sophisticated cyber threats today.”
Boff notes that the problem is not only budget but also a shortage of skilled individuals. Cybersecurity professionals need to understand both the operational aviation domain and the current capabilities of threat actors. Attackers often exploit organisations’ inability to keep up with ever-evolving threat landscapes because of constrained resources.
“When security professionals are stretched thin, incidents go undetected for extended periods, and basic housekeeping – such as patching, asset inventory, and policy enforcement – falls behind schedule,” he says. “As a result, adversaries gain opportunities to seize on these resource gaps, launching attacks that could have been prevented with adequate manpower and efficient management.
View
Collaboration with industry and government
View
Incident response and recovery planning
View
Training and awareness programmes
View
Defence-in-depth approach
View
Risk assessment and continuous monitoring
The considerations and steps for building a good cybersecurity strategy include:

A well-executed cybersecurity programme is not static.
“We also need to remember that aviation is especially interconnected at an international level,” says Boff. “Neighbouring states and flight information regions may select a different approach to managing the same cyber risk, which leads to a need to map and verify consistency of coverage at the ANSP-to-ANSP boundary.”
Building trust is therefore essential. Encouraging communication among cybersecurity professionals in the ANSP community is a core focus of the CSWG. ANSP security personnel can now access a range of community-driven services, including live discussions, “ask me anything” sessions and monthly video chats. There is also a document library and threat intelligence updates that can be tailored to a specific ANSP.
Through this collaborative space, the CANSO CSWG aims to foster an active, informed and cohesive ANSP cybersecurity community worldwide.

Nevertheless, Clay advises that tools like the NIST Cybersecurity Framework, ISO 27001 or COBIT help standardise security measures and streamline compliance checks. Leveraging these proven methodologies lowers the need for creating tailored processes from scratch, ensuring that core security requirements are systematically addressed.
Additionally, these frameworks are continuously updated to reflect emerging cyber risks, making them an adaptable foundation for organisations of any size. Implementing them can significantly alleviate the resource strain typical of compliance efforts.
There are multiple cybersecurity certification programmes, but compliance denotes an organisation’s formal commitment to a standardised or mandated set of controls rather than guaranteed security.
According to Clay, implementing a cybersecurity programme goes beyond simply meeting a compliance checklist. Rather, it involves a comprehensive, risk-based approach that continually adapts to evolving threats and organisational changes.
“A well-executed cybersecurity programme is not static,” he says. “It integrates people, processes and technology in a way that actively protects the organisation’s most valuable assets. By blending compliance-driven controls with broader, proactive measures, organisations can establish a mature security posture rather than a mere point-in-time checkmark.”
Close
Although safety has previously benefitted from this collaborative approach, cybersecurity differs in the timing. With safety, the problem is unlikely to be repeated soon. But with cybersecurity, a successful attack might continue until it is blocked.
“This means timely and effective information sharing is even more important as time is a critical factor for the defenders of our systems,” concludes Boff. “Information shared about one successful attack can help to protect multiple other ANSPs from that same threat.”
Andy Boff, Technical Director for Cybersecurity at Egis

Sharing cybersecurity information, even failures, benefits the wider community, allowing the industry to collectively learn and improve. “It is important that we have confidential, honest and improvement-focused forums where information can be freely shared, and that all participants can benefit from the common aim of defending the aviation industry from those who would seek to disrupt it,” says Clay. “These forums need to be safe spaces, and the information shared needs to be treated with due sensitivity. Information sharing classifications like Traffic Light Protocol are helpful with setting up expectations for how shared information can be used.”


Safety
Air navigation service providers need a flexible security platform that allows them to address threats to systems old and new.

The CANSO Cybersecurity Working Group (CSWG) will be pivotal moving forward. Its threat intelligence programme systematically monitors cybersecurity risk indicators for ANSPs and over the past year has recorded a troubling increase.
CSWG research reveals that the presence of ANSP account credentials available for sale on the dark web – a significant indicator of compromised credentials – has risen approximately 18% over the last 12 months. Additionally, there has been an 11% in ANSP computer systems infected by malicious software. The latter is particularly concerning as it indicates potential active intrusions into critical infrastructures responsible for maintaining air traffic safety.
Cybersecurity remains a critical challenge for air navigation service providers (ANSPs).

“These trends highlight a broader underlying issue: insufficient cybersecurity resources within many ANSPs,” says Pete Clay, Chief Information Security Officer at Aireon. “Attackers frequently capitalise on this resource gap, exploiting it as the primary vulnerability. As threats intensify, continuous monitoring, vigilant management of cyber risk, and strategic allocation of cybersecurity resources become increasingly essential for ANSPs worldwide.
ANSP account credentials available for sale on the dark web has risen approximately 18% over the last 12 months.
Pete Clay, Chief Information Security Officer at Aireon



Andy Boff, Technical Director for Cybersecurity at Egis
Modern systems, by contrast, are more at risk remotely and can present easier paths of access but they have cybersecurity measures built in to mitigate this possibility.
Old or young, ANSPs need to understand and assess each system’s unique risk profile. Cybersecurity requires the identification and mitigation of every possible vulnerability vector, including human factors and physical threats.
“An effective risk assessment process examines how systems are used, the sensitivity of the data they handle and the security controls in place to protect them,” Clay notes. “By focusing on these broader considerations, organisations can develop a comprehensive strategy that addresses both advanced cyber threats and the more traditional risks posed by physical access.”
“For instance, these systems may be incompatible with modern network standards or simply lack the capability to be accessed from remote locations,” says Andy Boff, Technical Director for Cybersecurity at Egis. “Although the inability to network might initially appear as a limitation, it can also act as a defensive advantage by reducing exposure to external threats. In such cases, the paramount concern shifts from external cyber intrusions to the physical security of the system itself.”
If a legacy system cannot be accessed remotely, attackers would likely need to gain on-site access to compromise it, making physical security controls – such as restricted entry points, surveillance, and secure facility design – more critical. Boff adds that though aviation has a strong history of maintaining effective physical security, the increasingly interconnected world of aviation cannot rely on this forever and continued investment in cybersecurity is needed.
Every system, whether it is newly deployed or has been in service for decades, possesses a distinctive blend of factors that impact its operational risk profile.
Although age is perceived as a key driver of system vulnerability, that is not always the case. Age does, however, have a significant impact on the defensive measures necessary to safeguard it effectively. Tailored approaches are required to mitigate potential risks.


Boff notes that the problem is not only budget but also a shortage of skilled individuals. Cybersecurity professionals need to understand both the operational aviation domain and the current capabilities of threat actors. Attackers often exploit organisations’ inability to keep up with ever-evolving threat landscapes because of constrained resources.
“When security professionals are stretched thin, incidents go undetected for extended periods, and basic housekeeping – such as patching, asset inventory, and policy enforcement – falls behind schedule,” he says. “As a result, adversaries gain opportunities to seize on these resource gaps, launching attacks that could have been prevented with adequate manpower and efficient management.
Cybersecurity strategies talk of an organisation’s “attack surface”, the extent of system vulnerabilities. The bigger the attack surface, the bigger the problem.
This has spurred the development of specialised attack surface management solutions designed to enable organisations to conduct proactive vulnerability assessments and limited penetration testing. By identifying weaknesses before malicious entities do, organisations can mitigate risks early and protect their critical assets more effectively.
But such solutions are not easy to implement. They require investment, licensing, integration and maintenance. Furthermore, dedicated personnel must oversee them, interpret the findings, prioritise mitigation efforts and continually refine the security posture. In short, they are resource intensive.
“In this regard, understanding and minimising an organisation’s attack surface is only one part of the overall equation,” he adds. “Ensuring sufficient resources to enforce and sustain security measures is the ultimate safeguard against sophisticated cyber threats today.”
Collaboration with industry and government
View
Incident response and recovery planning
View
Training and awareness programmes
View
Defence-in-depth approach
View
Risk assessment and continuous monitoring
View
The considerations and steps for building a good cybersecurity strategy include:


A well-executed cybersecurity programme is not static.
“We also need to remember that aviation is especially interconnected at an international level,” says Boff. “Neighbouring states and flight information regions may select a different approach to managing the same cyber risk, which leads to a need to map and verify consistency of coverage at the ANSP-to-ANSP boundary.”
Building trust is therefore essential. Encouraging communication among cybersecurity professionals in the ANSP community is a core focus of the CSWG. ANSP security personnel can now access a range of community-driven services, including live discussions, “ask me anything” sessions and monthly video chats. There is also a document library and threat intelligence updates that can be tailored to a specific ANSP.
Through this collaborative space, the CANSO CSWG aims to foster an active, informed and cohesive ANSP cybersecurity community worldwide.
Nevertheless, Clay advises that tools like the NIST Cybersecurity Framework, ISO 27001 or COBIT help standardise security measures and streamline compliance checks. Leveraging these proven methodologies lowers the need for creating tailored processes from scratch, ensuring that core security requirements are systematically addressed.
Additionally, these frameworks are continuously updated to reflect emerging cyber risks, making them an adaptable foundation for organisations of any size. Implementing them can significantly alleviate the resource strain typical of compliance efforts.
There are multiple cybersecurity certification programmes, but compliance denotes an organisation’s formal commitment to a standardised or mandated set of controls rather than guaranteed security.
According to Clay, implementing a cybersecurity programme goes beyond simply meeting a compliance checklist. Rather, it involves a comprehensive, risk-based approach that continually adapts to evolving threats and organisational changes.
“A well-executed cybersecurity programme is not static,” he says. “It integrates people, processes and technology in a way that actively protects the organisation’s most valuable assets. By blending compliance-driven controls with broader, proactive measures, organisations can establish a mature security posture rather than a mere point-in-time checkmark.”

Andy Boff, Technical Director for Cybersecurity at Egis
Although safety has previously benefitted from this collaborative approach, cybersecurity differs in the timing. With safety, the problem is unlikely to be repeated soon. But with cybersecurity, a successful attack might continue until it is blocked.
“This means timely and effective information sharing is even more important as time is a critical factor for the defenders of our systems,” concludes Boff. “Information shared about one successful attack can help to protect multiple other ANSPs from that same threat.”

Sharing cybersecurity information, even failures, benefits the wider community, allowing the industry to collectively learn and improve. “It is important that we have confidential, honest and improvement-focused forums where information can be freely shared, and that all participants can benefit from the common aim of defending the aviation industry from those who would seek to disrupt it,” says Clay. “These forums need to be safe spaces, and the information shared needs to be treated with due sensitivity. Information sharing classifications like Traffic Light Protocol are helpful with setting up expectations for how shared information can be used.”
