How to…protect your IFE network
January 31, 2018
Richard Williams spoke to Markus Gilges at VT Miltope about the airline security solution it has developed with RazorSecure to comply with an upcoming EU regulation
The EU’s Network Information Security directive requires active monitoring and anomaly detection for IT systems in transport infrastructure. Firewalls and encryption are no longer enough.
RazorSecure specialises in cyber-security for transport systems, and uses machine learning to provide advanced intrusion protection. Robert Brown, executive chairman, explains: “Our system is active in seeking out anomalies in usage that typically precede an attack.” It is being applied exclusively to VT Miltope’s WAPs to protect IFE systems from nuisance or malicious damage. “The problem in the future is less likely to be the hoodie, but more likely to come from international sabotage,” said Brown.
Know your GDPR and NIS
The new EU regulation comprises General Data Protection Regulation (GDPR) and Network and Information Security directive (NIS). GDPR reforms data protection law in Europe, shifting the balance of power towards the citizen who owns the personal data, away from organisations that collect, analyse and use it. The complementary NIS directive focuses on the protection of systems and breach reporting.
Data breaches must be reported within 72 hours and Privacy Impact Assessments and a new ‘right to be forgotten’ must be respected.
Brown says the NIS has received less attention but means operators of ‘essential services’, including their digital service providers, will have to take ‘appropriate security measures’ and report serious incidents to the national authority. This includes air, rail, road and water transport.
Avoid the fines
Markus Gilges, business development director of VT Miltope, says: “Airlines seem somewhat unaware of their responsibilities under these new rules. The penalties for non-compliance are €20 million or four per cent of turnover.”
By integrating RazorSecure’s active cybersecurity software into their WAPs, Gilges expects to comply with the regulations and solve an imminent headache for airline and rail operators. “Our MAP3 access point can offer a secure, personalised experience for the next generation of connectivity. The RazorSecure technology is exclusive to VT Miltope access points.”
New GDPR and NIS directives come into force from May 2018 throughout the EU
Penalties for non-compliance are 20 million euros or four per cent of turnover, whichever is the higher
The new regulations will apply to all businesses with transport operations in Europe
VT Miltope’s cyber security WAP MAP3 with RazorSecure software is available from Q2 2018