satcom direct highlights importance of ifc support training

December 18, 2019

Today, the Business Aviation industry faces an ever-changing field of cyberattacks. Yet with the right training and systems, avionics companies can provide a high level of security. BART’s Avionics Editor Steve Nichols looks at what Satcom Direct has recently been doing in this field

As inflight connectivity on business aircraft becomes more commonplace, the demand for cabin crew and fleet operators to have relevant IT skills has increased. The risks of cybercrime have also increased too with business aircraft becoming high priority targets for hackers.

To combat this Satcom Direct (SD) recently bolstered its IT training for the Business Aviation sector.

The second edition of aeroIT, SD’s aviation IT certification, is now available with renewed content and an exam updated to reflect the changes.

SD’s training programs have been added to the curricula offered at both FlightSafety International (FSI) and Embry-Riddle Aeronautical University, and the number of SD digital self-learning courses has grown.

Revisions to the aeroIT course place more focus on cybersecurity, the latest communications systems and information technology advancements to ensure aviation IT professionals’ knowledge is current with the most recent developments.

The revised exam, designed to test candidates’ understanding of developing connectivity technologies, will enable existing aeroIT certificate holders to renew their existing qualification.

The updated aeroIT course now forms part of FlightSafety International’s new Cabin Master Technician program. Embry-Riddle has also approved the inclusion of aeroIT as part of its new Bachelor’s degree, Aviation Maintenance Science with an area of concentration in cybertechnology, avionics and security.

The first group of students taking the program began studies this fall. The supporting SD aeroIT study book, newly reprinted in its second edition is a required text for Embry-Riddle students.

The aeroIT course is also available through SD’s recently enhanced Learning Management System which provides computer-based training with videos and digital material. Students can fit studying into their work schedule and complete the course at their own pace.

For candidates preferring an immersive instructor led experience SD offers aeroIT training at its Melbourne, Florida facility and FlightSafety International delivers the aeroIT renewal course in Savannah, the Dallas North Learning Center and the recently added, Long Beach location.

The dedicated aeroCNCT course, created to support industry professionals that work with, or are responsible for, connectivity during flight is also offered at the Savannah facility.

In addition to making updates to the aeroIT and CyberSAFE courses, the new self-paced courses cover a range of topics with datalink, air-to-ground, satellite modules featured, as well as courses related to SD products and services, including the SD Pro operating system.

Jason Rigby, director of training for SD, said: “Our approach is holistic, so our network partners are incredibly important to us. We are excited to provide enhanced access to our materials via the highly-respected FlightSafety International, Embry-Riddle establishments and our improved LMS.

“We know that an always-on generation expects connectivity to perform all the time and this drives our continuous educational development program so we can support our customers, so they can support their passengers, crew and employees. As aviators ourselves we understand that reliable, professional training is essential for sector development. The latest additions and updates, along with our growing network of educational partners, firmly positions SD’s training modules at the core of Business Aviation IT training.”

Since launch three years ago, more than 700 candidates have completed the aeroIT course. In 2018 alone, 205 candidates achieved an 86% pass rate of the accredited exam for aeroIT, and 74 students completed the aeroCNCT test with 85% passing. A further 16 customers have already maximized the opportunity to renew their certificates.

FlightSafety International offers the Satcom Direct AeroIT certification preparation course.

AeroIT was the world’s first information technology certification for aviation and equips aircraft technicians, maintenance, IT personnel and crew with vital knowledge of today’s sophisticated airborne communications systems.

Satcom Direct says the aeroIT prep course and certification exam equip flight departments with the knowledge to configure and troubleshoot onboard networks and SATCOM systems, which both enhances technicians’ professional development and supports their organizations’ missions.

Students completing the courses can take their exam on campus or via the digital Questionmark platform, which SD administers. The aeroIT credential is valid for three years and then must be renewed to remain current. Additional levels of certification are in development to validate different levels of mastery.

In collaboration with SD, FlightSafety offers the TTTCabin Communications and Cabin Management courses in Savannah, Georgia and Teterboro, New Jersey for both maintenance technicians and flight crews.

aeroIT was initially offered in Savannah and includes an option for future expansion into other FlightSafety training centers. aeroIT ultimately will be incorporated into FlightSafety’s Avionics and Cabin Master Technician programs. SD continues to offer aeroIT training at its offices across the globe.

Satcom Direct (SD) launched a CyberSAFE (Securing Assets for End Users) course back in 2017.

The course, originally developed in conjunction with Logical Operations, educates users about technology-related risks and provides practical solutions to this continuously emerging threat to business and industry.

Contrary to popular opinion, being in a business aircraft does not exempt you from a cyber threat. Even if you are in the air, if you can see the internet, then hackers can see you – and that means you are vulnerable.

Business aircraft operators need to manage and monitor cybersecurity if they are to avoid costly hacking events and other issues with their company’s precious data. The aircraft can become targets, with hackers knowing that there are high net worth individuals on board.

The number of cybersecurity attacks worldwide is increasing every year. From the period between 2013-2015, it was reported that the cost of cyber crimes quadrupled, costing between $400-£500 billion.

And in a recent Cybersecurity Ventures report, it predicted the cost of cyber threats will rise to $6 trillion annually by 2021.

This cost includes everything from damage and destruction of data, stolen money, lost productivity, theft of intellectual property, theft of personal and financial data, embezzlement, fraud, post-attack disruption to businesses, forensic investigation, restoration and deleted hacked data and systems and much more.

The “Cybersecurity Standards for Aircraft to Improve Resilience Act of 2016” (more commonly known as the “Cyber AIR Act”), introduced to US Congress in April of 2016, shows just how serious the cybersecurity threat is to Business Aviation.

SD says it takes airborne cybersecurity very seriously indeed, which is why it introduced its SD Threat Monitoring assessment and consultation services and SD SkyProtect service.

SkyProtect can audit and assess a flight department operation and provide recommendations on its security practices. It says it can also evaluate the “state of the network” and educate on best practices and standards.

To mitigate these threats, other than the full-blown private network, it also offers real-time threat monitoring, penetration testing, antivirus/malware/firewall protection; and will work the flight department to create policies for them to adhere to, such as a policy on passengers and “BYOD” – Bring Your Own Device usage.

Michael Skov Christensen, VP Satcom Direct International, said: “For a very long time corporate flight departments had IT compliance in their organization. But the only place that didn’t extend to was their aircraft.

“A lot of the information being sent to and from their aircraft is highly sensitive. So the risk of having no control of the data over a satellite link is a total no go.”

SD’s SkyProtect offering is a range of security solutions, tailored to the flight department – such as onsite risk assessments, recommended security postures and policies, active monitoring of security threats to their aircraft to ensure the integrity of the network.

Its team of technical solutions managers will make recommendations on how to combat security risks found within a flight department through a suite of practices that adheres to ISO 27001 and NIST standards.

These include network discovery, risk assessment and threat monitoring services.

To facilitate this, SD also has its own state-of-the-art, military-grade data center in Florida, a secured hub for customer connectivity and value-added services, where it can support clients’ data management from the aircraft and host servers.

The SD Data Center is a 25,000 sq. ft. purpose-built facility that meets Tier III standards, complies with major industry requirements, and is designed to withstand a category five hurricane.

It also offers the SD Private Network – a global communications framework that interconnects with satellite and air-to-ground connectivity providers via the SD Data Center and its multiple points of presence (POPs), worldwide. The company says the SD Private Network offers an unparalleled level of security and reliability to every product and service it offers.

This allows the application of SD proprietary value-added services to improve data speeds, create seamless transitions between ground-based and airborne communications networks, filter unwanted data transmissions to and from the aircraft, and enable the use of computers and personal devices in-flight, just like on the ground.

“This is bespoke and tailored to a specific company’s requirements,” said Skov Christensen. “Our goal is to ensure that data remains secure throughout the whole ecosystem.”

With POPs located in the US and Europe, it can also offer flexible routing and addressing options to meet corporate policies and regulatory requirements.

All SD customers using its products and services can opt for SD Custom Routing, offering an added level of protection and control.

By selecting SD Custom Routing, all of a client’s airborne data traffic can be delivered from the connectivity provider directly to their corporate network, bypassing their public routing and the internet.

The SD Private Network infrastructure is constantly monitored to ensure 100% uptime. The latest IT security and best practices are applied and maintained to meet the compliance requirements for numerous industries.

SD’s in-house network security experts also stay ahead of evolving security threats and proactively monitor network activity so that it can identify and block intrusion attempts in real-time.

“Our aim is to bring total peace of mind to our customers,” concluded Skov Christensen.

Jason Rigby added: “Something as innocent as opening an email or clicking on links, or even using an infected USB drive in a network computer, can result in a serious breach.

“Our CyberSAFE course educates users about technology-related risks and their responsibilities as an end-user in protecting organizations from them.”

The course is designed for self-paced learning, but it also can be delivered in person and via online, live instructor-led sessions through SD’s Learning Management System (LMS) at satcomdirect.motivelearning.com.

Taking approximately three hours it is followed by an online assessment, which upon successful completion delivers students the Certified CyberSAFE credential.

“It’s surprising how little thought many of us give to cybersecurity in our day-to-day actions but cyber-attacks are on the increase. Human error has been identified as the leading cause of cyber security incidents and end-user education is one of the top ways to prevent network infection,” concluded Rigby.