The UK’s Civil Aviation Authority (CAA) has launched a scheme, developed in partnership with security certification body Crest, that it hopes will play a key role in its strategy to enable the aviation industry to manage its security risks without compromising aviation safety.
Under the Assure framework, accredited cyber security professionals will have to demonstrate “extensive” knowledge in one of three key specialisms: cyber audit and risk management; technical cyber security expert; and ICS/OT [industrial control systems/operational technology] expert. The professionals’ organisations will also have to have Crest membership in one of its core disciplines and been reviewed by both Crest and the CAA.
“The CAA is committed to broad and collaborative engagement with industry and key stakeholders to continuously improve our cyber security oversight model,” said Peter Drissell, director of aviation security at the CAA.
“By working with Crest to develop the Assure accreditation scheme, the aviation industry has access to the highest levels of skill, knowledge and competence to face the changing threat landscape and encourage a proactive approach to cyber…