New training course on cyber security for national auditors
Valletta, 5-7 November 2024 — The ECAC Secretariat has developed a new training course on auditing cyber security in aviation, “Best Practices for National Auditors – Cyber Security (level 2)”. This course is designed to enhance the knowledge and capabilities of national auditors in overseeing cyber security within the aviation sector.
To validate the training content, a pilot course was held for national auditors from Albania, Belgium, Georgia, Malta, Montenegro and Serbia. The course also featured the expertise of an experienced cyber security oversight specialist from the United Kingdom Civil Aviation Authority, who contributed valuable insights throughout the session.
The course comprises six modules that cover the key principles for protecting critical aviation systems and data, and which present a structured approach to overseeing cyber security in aviation. A central component of the course focused on reviewing good practices for auditing the implementation of cyber security recommendations outlined in ECAC Doc 30, Part II, Chapters 11 and 14. Through a blend of theoretical presentations, interactive classroom activities and a practical visit to an airport, participants were introduced to the practical aspects of preparing for a cyber security audit. This covered drafting a checklist, gathering information on the identification and protection of critical systems and data, reporting findings, and assessing compliance with ECAC Doc 30, Part II.
The ECAC Secretariat has received positive feedback from the participants, who particularly appreciated the hands-on approach to conducting a cyber security audit or inspection in the aviation sector.