Surviving the rise in cyberattacks

https://airlines.iata.org/2026/02/22/surviving-rise-cyberattacks

Publish Date: 2026-02-22 11:07:00

Author:

Using an unordered list, summarize the following article with between 4 and 8 key points. The incident was a stark reminder that cyber threats in aviation are no longer theoretical—they are operational, visible, and capable of disrupting the passenger experience at scale.By some estimates, cyberattacks on aviation surged 600% in 2025 compared with 2024. As aviation becomes increasingly digitized and interconnected, it also becomes a more attractive target. The industry now faces a fundamental challenge. How does it protect critical infrastructure while continuing to provide seamless passenger operations on a global scale?That question will be central to the cybersecurity stream at the World Data Symposium, where industry leaders will examine how aviation can strengthen resilience, enhance collaboration, and prepare for a threat landscape that is evolving faster than ever.“Aviation is critical infrastructure,” says Jeffrey Troy, President and CEO of Aviation ISAC. “In 2025, we witnessed a rise in cyberattacks against aviation and all critical infrastructure.”Cyber awarenessThrough the Aviation ISAC, collaboration across the aviation ecosystem continues to mature. Chief Information Security Officers report that more business function owners are integrating cybersecurity into their business processes and strengthening awareness across their organizations.“Airlines have also done a great job at attracting and retaining cybersecurity talent,” says Troy. “The Aviation ISAC is a community for cyber defenders. Our community leverages the top cyber talent and crowd sources problem-solving to raise the skill levels throughout the industry. In addition, there is no shortage of interest from the commercial cybersecurity market in providing solutions and to help close gaps. That is a good combination.”Cybersecurity strategyIt is impossible to stop all cyberattacks. Troy advises that businesses are now focused on resilience: “How does an organization continue to operate even during an attack?” he asks.A good strategy, he suggests, has four elements:Strong Cyber Hygiene: Numerous benchmarks are available, including the ISO 27000 family, Cybersecurity Maturity Model Certification, and others. Organizations should measure themselves against these standards and ensure that controls are functioning effectively.Continuous Monitoring: Cybersecurity systems must operate so that alerts trigger as soon as an attack is initiated.Resilience: Some service elements may be disrupted during an attack. Solutions such as activating backups and implementing manual workarounds must be established before a significant incident occurs.Relentless Pursuit of Threat Intelligence. Continuous monitoring shows what is happening on a network, but threat intelligence strengthens protection and detection capabilities. As Troy states: “The threat intelligence team helps you know what you do not know.”Achieving a balanceCyberattacks have significant consequences for both companies and their customers. Aviation passengers are increasingly affected by incidents targeting loyalty accounts, as well as financial and medical records. These wide-ranging attacks have contributed to a shift in consumer expectations.“It used to be that nobody wanted multi-factor in front of their computer access,” says Troy. “It was believed that it put off customers or users found it too cumbersome. But the sentiment has changed. Cybersecurity is now an expectation. People want to know that the system they are logging on to is secure and are happy with an extra security step or two.”Organizations must also strike a balance between the business drive to implement artificial intelligence (AI) and the security team’s ability to secure it effectively. Many organizations and suppliers are racing to bring AI enhanced functionality to market, sometimes without fully understanding the associated vulnerabilities. A strong cybersecurity framework must be established around all AI initiatives.At the same time, both attackers and defenders are leveraging AI. “Attackers can move faster and with more agility within victims’ networks. Similarly, defenders can use AI to more quickly identify attacker behaviors and network anomalies. There is a constant battle and the battle is intensifying. Aviation needs to be prepared.”Jeffrey Troy will present on cyber collaboration, 12:00, Thursday 9th April at WDS. Credit | iStock-2193795280