Luci Holemans, Air Traffic Organization cybersecurity group manager at the Federal Aviation Administration, said FAA is transitioning to a zero trust strategy that involves network monitoring and authentication and segmentation of resources and users to maintain safety and resiliency amid a rapidly evolving threat environment, Via Satellite reported Friday.
She noted that FAA is assessing several enterprise cyber capabilities to safeguard mission critical systems, including National Airspace System software security management, security enterprise asset management and managed enterprise security monitoring.
“Instead of having the different systems and programs take something that’s been developed and putting it into an operational environment, we’ve created an environment within the operational area that allows those systems and services to get those new pieces of software where it’s already been tested and checked for any kind of malware,” Holemans said of NAS software security management.
Holemans highlighted the need for cybersecurity requirements to be embedded early into the system; the importance of cyber collaboration between government, academia and industry; the need to accelerate acquisition processes to address cyberthreats; and FAA’s plans to ensure cybersecurity with unmanned aircraft systems.