Governance
Cybersecurity
The Airports Authority is committed to making a positive impact on society and the environment through our Corporate Social Responsibility efforts . One of the key areas of focus is Cybersecurity , as we recognize the importance of protecting our customers , employees , and partners from the potential dangers of the digital world .
The NIST Cybersecurity Framework is the Foundation for Our Cybersecurity Efforts
Our Cybersecurity team adopted the National Institute of Standards and Technology ( NIST ) Cybersecurity Infrastructure Framework to ensure that our systems and data are protected from potential threats . This framework provides a systematic approach to managing and reducing cybersecurity risks and helps us to keep our systems and data secure .
Zero-Trust drives our Security Approach
We have adopted NIST ’ s Zero-Trust Security Approach to protect our customers , employees , and partners . This means that we never automatically trust anyone or anything . Every request for access to our systems and data must be verified . This approach helps us to stay ahead of potential threats and ensure that our sensitive information remains secure .
Defense in Depth , a Multilayered Approach to Cybersecurity
A multi-layered approach to security is essential , which is why we have implemented a defense-in-depth strategy . This means that we use multiple security controls and techniques to protect our systems and data , reducing the risk of a successful attack .
As part of our commitment to the NIST Cybersecurity Framework , we take steps to identify and protect our most critical assets . This includes sensitive data , intellectual property , and other valuable resources . We use a range of security measures , such as :
• Require strong passwords and enforce password management practices
• Regularly update software and systems
• Conduct regular Risk Assessments
• Encrypt sensitive data both in Transit and At-Rest
• Develop and test Incident Response Plans
• Detect and Respond to Attacks : Always Prepared
Detect and Respond to Attacks
Cyberattacks can happen at any time and being prepared to respond is essential to minimizing the impact . Our team is trained to detect and respond to attacks quickly and efficiently , minimizing the potential damage . We use a range of tools and techniques to detect potential threats , such as firewalls , IPS , SIEMS , Next-Gen Anti-malware , email security gateways , and we respond promptly to any incidents .
Governance 91