This major airline operates close to 5,000 flights daily and is one of the oldest operating airlines in the U.S. It has major hubs across the United States. There are about 150 people on its security team, 30 of whom sit on the Cyber Monitoring Incident Response team. One of Armis’ Resident Engineers (RE) works exclusively with the airline and is responsible for optimizing the airline’s use of the Armis Centrix™ platform.
The Challenge
Like all airlines in the U.S., this airline is subject to the regulations of the Transportation Security Administration (TSA). Through the Aircraft Operator Standard Security Program (AOSSP), the TSA requires that all aviation organizations identify all assets connecting to their environments and also be able to pinpoint any vulnerabilities associated with those assets. If an airline is found to be noncompliant with AOSSP, it risks potential fines by the TSA.
This airline was using a well-known vendor as its main configuration management database (CMDB) to keep track of IT assets and configurations, but it lacked information on its IoT and OT devices, such as who manages them and potential vulnerabilities.
Their objective was to build and automate security capabilities so IoT and OT assets are protected with the same rigor and fabric of controls as its traditional IT assets. In anticipation of an upcoming TSA inspection, the new IoT/OT security team lead decided to deploy Armis Centrix™ for IoT/OT Security, leveraging an Armis engineer to oversee deployment, setup, and configuration.
Continue reading to learn how the airline was able to satisfy TSA requirements during a two-day onsite inspection, gain full visibility and a clear process for how and when to upgrade, replace, or take an asset offline, and how the airlines can also connect risks to operational efficiency for improved decision making.
Challenges
- Comply with new TSA AOSSP cybersecurity requirements to avoid potential fines
- Identify IoT and OT assets and vulnerabilities at the corporate campus and key airport locations
- Ensure that mission critical OT systems can continue to run safely when an IT system is compromised
- Limited in-house deep domain expertise specific to IoT/OT management and security
Results
- Developed capabilities to continuously identify, classify, and monitor OT assets in compliance with TSA AOSSP regulations
- Zeroed in on and prioritized vulnerabilities based on business risk to proactively remediate potential security issues
- Reduced risk of operational downtime
- Ensured OT vendors have resiliency plans in the event of unforeseen events
- Established a proven process for future onboarding and knowledge transfer