EASA framework for cyber resilient aviation
Uninterrupted connectivity is a foremost consideration across the aviation industry where more digitised, data, AI, and ML- driven networks, with IT systems, cloud, and platforms require the highest cyber and information security. This is especially relevant between aircraft, helicopters and airlines and other operator’s Integrated Operations Control Centres (IOCCs), MROs, airports, and ATMs where information security is of the utmost importance.
Part-IS (Commission Implementing Regulation (EU) 2023/203 and Commission Delegated Regulation 2022/1645) is the latest EASA regulation to identify and manage information security (IS) risks with potential impact on Aviation Safety.
This regulation will provide a comprehensive framework for governance, risk and event management, continuous improvement, and reporting. This will enable the aviation ecosystem to mitigate and respond to cyber threats with the overall goal of collaboratively enhancing cyber resilience to secure Aviation Safety.
One big challenge will be the efficient and lean Safety Management System (SMS) and Civil Aviation Information Security Management System (ca-ISMS) integration into quality and business resilience management.
Want to know if you need to implement Part-IS?
Who needs to comply with Part-IS?