Airbus cyber grows 50% as it takes a risk perspective on threats

News by Grace Johansson

Earlier this year Ian Goslin, managing director/ head of UK cyber at Airbus Goslin updated SC Media UK on the organisation's developments in cyber-security since last speaking to SC a year ago.

Earlier this year Ian Goslin, managing director/ head of UK cyber at Airbus Goslin updated SC Media UK on the organisation’s developments in cyber-security since last speaking to SC a year ago.

"We are now a €150 million business," explained Goslin - a rapid 50 percent growth from €100 million the previous year. Geographically Airbus is located in three main countries: Germany, France and the UK. Goslin adds, "I head the UK business and it covers two elements; enterprise cyber - which includes managed security services ie SOCs; and high-grade cryptography which is utilised by the high threat club - people like the MoD, GCHQ, the Home Office, the Foreign Office etc to protect their systems. We really are one of the main players. In Corsham, we have roughly 16 members of staff and we have 150 personnel working out of Newport and this is growing. We also have a high-end cyber-consultancy located in Cheltenham, but I'm looking to bring this to Newport."

Due to the UK’s decision to leave the European Union SC wanted to find out how that would impact Airbus as a company and so we asked, has anything changed in the run up to Brexit, and can you explain your plans for what happens at Airbus if it is a ‘hard Brexit’? Goslin replied: "Tom Enders (Airbus CEO) has made it clear that a hard Brexit will have consequences and that plans are being considered. With that said for Airbus Cyber-Security, which is predominately a consultancy service, it will be less affected by the constraints of a hard Brexit. For our customers and partners, they have nothing to worry about as far as our cyber business is concerned, as there is a long-term commitment to continue our presence in the UK."

e’ve also seen GDPR introduced recently (May) so SC asked how that has impacted Airbus as an organisation, how has it hit their customers? What’s being done differently?

Goslin responded: "It was widely known that GDPR was coming, and what the requirements were, and so we were able to plan, train and introduce processes to address it. For example, it’s not just the technical expertise of being able to prevent and/or detect breaches but having people with the right aptitude so that they remain calm and can cope in a very stressful situation.

"Our teams have been trained so that they can react quickly and effectively as this is what will make the difference between investigating and then mitigating a breach and restoring systems to normalcy for the day to day business to get back up and running, securely. We use the latest technology to monitor networks for signs of anomalous behaviour, combined with the highly trained cyber-security experts who can investigate the resultant alerts and determine which are false positives and identify if there is an attack in progress and take appropriate remediative action."

Goslin went on to explain how Airbus copes with uncertainties in its supply chain, telling SC: "We work continuously with our suppliers to ensure they have appropriate cyber-protection in place. For example, when appointing a supplier - and if appropriate, we make sure that they meet the relevant standards, such as ISO27001. In terms of maturity of approach and thinking, the aircraft industry is very mature when it comes to cyber-security and we ensure that this knowledge is passed on to our suppliers."

Goslin was also asked about his view on the extent to which government initiatives like cyber-essentials or NCSC are helping. He replied:"To help is what these initiatives were designed to do and I think they're working. When you talk about whose responsibility it is to keep a nation, ie the UK, safe then it is the government's responsibility to lead, but it is society's responsibility to act.

"I think initiatives like cyber-essentials and the NCSC guidance in terms of standing up for the citizen are exemplary. To bring GCHQ's activites out into the open, which previously was considered a dark space in terms of understanding the cyber-threat, and bring it into the citizen space, adds greater understanding, transparency and a level of importance to cyber and is a positive step forward. I'd add that the levels of expertise and capability that are resident within the NCSC is second to none and so, I think, in terms of how safe you can be within a cyber domain as a nation state we're probably as safe as any other country and probably safer than most."

Next we broached the hot topic of Artificial intelligence use in cyber-security and its use by both defenders and potentially attackers too. Goslin explained what Airbus is seeing in the sector. "In terms of machine learning and AI, I prefer machine learning, I think that is something that will increasingly have an impact on the sector. Both in terms of botting capabilities of attackers, but also in terms of, if it’s tuned properly ensuring that we minimise the number of false positives and also identify the two in ones earlier but I think for the foreseeable future, the quality of an analyst is still the differentiator that makes the difference. That said I think it will be an increasingly important element in the sector, and of course, as Airbus you would expect we are doing research in that space."

Regarding current information security priorities for both Airbus and its customers Goslin commented "I couldn’t speak for my customers, in terms of our security, I think it depends on which part of the business you’re in. Physical security remains important, insider threat and management and things like that remain important, I think Airbus takes a holistic view and we take a risk perspective, in other words we look at the environment, we will look at the processes that are being used, we will look at the product that is being developed and then we will decide how we will take a security approach. You can rest assured that everything we do is always, in this day and age, taken through the eye of cyber. So despite everything we do, we will always go through the lense of cyber and say ‘does this have a cyber-element, what should we do with it?"

Find this article useful?

Get more great articles like this in your inbox every lunchtime

Video and interviews