The CAA Cyber Security Oversight Team has been established to provide effective oversight of the UK aviation industry’s management of cyber security risk, to support aviation safety, security and economic resilience. It has been developed to meet UK, European and International aviation regulatory obligations for cyber security.
We have also created a cyber security regulatory framework that enables industry to demonstrate that appropriate risk management and mitigations are operating and effective.
Our cyber security oversight process is described in CAP 1753.
“To have a proportionate and effective approach to cyber security oversight that enables aviation to manage their cyber security risks without compromising aviation safety, security or resilience.
To stay up-to-date and positively influence cyber security within aviation to support the UK’s National Cyber Security Strategy.”
“Cyber security refers to the protection of information systems (hardware, software and associated infrastructure), the data on them, and the services they provide, from unauthorised access, harm or misuse. This includes harm caused intentionally by the operator of the system, or accidentally, as a result of failing to follow security procedures.“ UK National Cyber Security Strategy and Cyber Security Body of Knowledge.
Civil Aviation Authority
Cyber Security Oversight Team Email: firstname.lastname@example.org
For any urgent aviation cyber issues (i.e. those that represent an imminent threat to airports, aircraft or the wider aviation industry, please call: 020 7453 5876 or 5825 (09:00-17:00 Mon-Fri) or, +44 (0)330 022 1500 (outside of office hours)
The CAA’s Cyber Security Oversight Process supports the following strategies:
- Department for Transport’s (DfT) Aviation Cyber Security Strategy
- the UK’s National Cyber Security Strategy
- ICAO’s Cyber Security Strategy
and other UK, European, and international legal obligations.
We would highly recommend joining the NCSC’s Cyber Security Information Sharing Partnership (CiSP).