Filter By:

Latest ESCP ExCom meeting on cyber security

ERA participated in the latest meeting of the EASA-led European Strategic Coordination Platform (ESCP) Executive Committee (ExCom) on cyber security in Brussels on 3 September. 

The meeting agenda included the latest developments with formalising the adoption of the 'Strategy for Cybersecurity in Aviation' associated implementation plan, proposed amendments to EASA NPA 2019-07 and an update from the ECCSA (European Centre of Cyber Security in Aviation).

With cyber security constantly evolving, guidance and direction is required to assist all aviation industry stakeholders on which procedures to adopt.  There was brief discussion on changing the title of the implementation plan from the ‘Strategy for Cybersecurity in Aviation’ to the ‘Strategy for Cybersecurity in Civil Aviation’.  The reasoning behind this was that some delegates felt that the military sector already had robust and educated expertise on the matter of cyber and thus should not be included. 

However, as the strategy is a co-operative approach amongst all aviation stakeholders, both civil and military, it was agreed to leave the title as it currently stands.  Following this discussion, the meeting then endorsed the strategy paper.

Following receipt and analysis of all stakeholders comments, the EASA Notice of Proposed Amendment (NPA) 2019-07 ‘Management of Information Security Risks’ will have an Opinion published in Summer 2020, with an anticipated entry into force coming the second half of 2021.

The meeting concluded with an update on the status of the ECCSA (European Centre of Cyber Security in Aviation).  The objective of the ECCSA is to promote networking and information sharing among organisations and authorities, promoting a cyber security culture and trust environment. In addition, this will increase the understanding of risks and threats, and overall situational awareness of cyber.  As it currently stands, the ECCSA has in excess of sixty expressions of interest from various stakeholders, including ERA, which will undergo evaluation before inclusion.

Looking ahead, there will be a high-level cybersecurity conference taking place on 4-5 March 2020 in Madrid, hosted by AENA. The focus will be on information sharing and co-ordination between authorities at national level.