Airlines` large-scale migration to IP networks raises pressure to respond to IT security threats
The results of SITA`s first Global Airline IT Security Survey, announced last week at the Future of Air Transport Conference in London, reveal deep concern about IP-based network security, with 80% of those surveyed feeling increased pressure to respond to IT-related security threats.
This comes at a time when the world`s airlines are well on the way to becoming the first totally Web-enabled global industry, forcing them to examine closely their current IT security arrangements.
Respondents, comprised of 157 airline and airfreight security professionals around the world, identified the top three security concerns as:
* Evaluating the network for vulnerabilities
* Securing IP-based networks
* Adding skills and resources to the IT team
The top three airline security application concerns identified reflect the changing operations of the industry and the significant migration to IP-based architecture:
* Wireless IP/comms (corporate)
* Wireless IP/comms (air to ground)
Jim Peters, CTO of SITA, speaking at the Future of Air Transport in London, commented on the results: "It is reassuring that there is such a high level of awareness and concern among the respondents and it is notable that at least 68% of them realise the need to constantly review their IT security solutions to keep up with the ever-changing IT security position. In particular, securing aspects such as wide area networks with VPN, intrusion detection systems and stringent policy management."
"Results from SITA`s 2006 Airline IT trends survey released last month, confirmed the pace of IP migration showing that 78% of airline systems are now IP-enabled and this figure is expected to reach 83% by the end of 2007 and 87% by the end of 2008.
"This rate of IP migration will ensure that network security remains a priority even though 62% of the businesses surveyed feel that their current security strategy is meeting appropriate standards for security policy, governance and measurement. What is also reassuring is that 30% of respondents review IT security at least every three months and on average it is reviewed every seven months."
The Global Airline IT Security also examined the level of IT budgets absorbed by security, the results show that on average 8%-9% of overall IT spend is in this area and that these budgets are set to increase by an average of 4.5% in 2007.
Outsourcing accounts for a significant percentage of overall security activity with only 39% of businesses managing all security in-house.
"We have found more and more airlines are interested in outsourcing their IT security and our experience with customer satisfaction of these services is reflected in the survey with the respondents` overall satisfaction with outsourced provisioning high at 78%," said Peters.
The lack of internal skills and resources are the key drivers for outsourcing security provision and support - with both being identified by at least half of the respondents - rather than the need to gain a performance or security advantage.
"This survey represents one of the most significant, independent investigations into global airline IT security conducted within the industry to date," commented Billy Hamilton Stent, Director of Loudhouse Research, the independent agency commissioned by SITA to conduct the research. "And as the first of its kind for SITA, the findings highlight a number of issues of interest to the industry as a whole. For IT professionals across the world, the survey should provide useful insights into how the industry is responding to the issue of security generally."
The research highlights a number of issues that should prove valuable to airline businesses looking to refine security strategy over the next 12-24 months. The findings will also help readers to benchmark their company security strategy and concerns against those of their peers in the market.
Copies of the full report are available at www.sita.aero.