Melbourne Airport Enhances Cyber Awareness in Effort to ‘Forecast the Future’

Quick Read

• Melbourne Airport is bolstering its cyber visibility to protect 30 million passenger trips each year.
• Cheuk Wong, the cyber security chief, prioritizes comprehensive ecosystem visibility, spanning IT, baggage handling, and Wi-Fi.
• Artificial intelligence is employed to identify phishing attempts and analyze extensive data sets.
• Automated deletion of accounts is playing a role in minimizing internal risks.
• Centralized access management guarantees security in all four airport terminals.
• Ongoing security assessments are a fundamental part of Melbourne Airport’s cyber strategy.

Melbourne Airport Enhances Cybersecurity to ‘Anticipate the Future’

Enhancing Visibility across the Technological Framework

Melbourne Airport is making significant investments in cyber detection and response systems to protect 30 million passenger journeys annually. Cheuk Wong, the Head of Cyber Security, highlighted the necessity of transparency across the entire tech ecosystem, which includes internal IT infrastructures, baggage handling processes, and public Wi-Fi scenarios.

Wong noted that visibility is critical; without it, protective strategies are nearly impossible to enforce. The data collected is routed to a third-party Security Operations Centre (SOC) that watches for potential threats and aids in incident management. This method has proven essential as cyber threats are on the rise and airports are increasingly seen as prime targets.

Creating a Forward-Thinking Cyber Security Plan

Since Wong joined Melbourne Airport in 2018, he has directed a compact yet proficient cyber security group integrated into the broader technology department. Over the past six years, he has been instrumental in developing a nimble cyber security strategy that adjusts to emerging threats. Wong reiterates that grasping the evolving risk landscape is vital for both responsive and anticipatory security strategies.

Continuous evaluation and flexibility ensure that Melbourne Airport’s cyber policy is perpetually evolving. As Wong states, “Without understanding the prevailing environment, how can effective protection be achieved?” Visibility enables the team to not only react to incidents but also forecast potential future challenges.

Leveraging Artificial Intelligence to Manage Extensive Data sets

Realising the constraints of traditional data analysis, Melbourne Airport has implemented artificial intelligence (AI) to enhance its detection capabilities. Initially focusing on email security, AI resources now survey the larger email environment, scrutinizing conversation trends and sender activities to pinpoint threats such as phishing.

Wong compares the task to “searching for a needle in a haystack,” especially as data volumes surge with ongoing digital innovations. AI aids in filtering through this data, allowing for quicker threat identification and responses while alleviating the workload on human analysts.

Streamlining Risk Management via Account Deletion Automation

Internal threats pose notable challenges for organizations worldwide. To address this, Melbourne Airport’s HR division has rolled out automated account deletions for employees leaving the company. This measure ensures that ex-staff do not maintain access to sensitive systems, thereby curtailing insider threats. Plans are in place to broaden the scope of such automation within the organization.

Centralized Access Management for Operational Security

With over 100,000 passengers on a daily basis—akin to filling the Melbourne Cricket Ground—seamless coordination between various systems, including those run by the Australian Border Force and Airservices Australia, is crucial. Melbourne Airport has adopted a centralized access control framework that regulates physical access to sensitive areas throughout all four terminals.

Wong’s responsibilities include synchronizing business requirements with security measures to uphold system integrity and availability. Any breach could lead to unauthorized access to critical assets, highlighting the need for effective access management systems.

Ongoing Security Testing is Vital

Even the most sophisticated security systems are only valuable if they function correctly in times of need. Hence, ongoing security testing is integral to Melbourne Airport’s cyber security framework. Wong advocates for routine evaluations to confirm that systems are robust against evolving risks, ensuring a sufficient level of protection for the airport’s extensive digital and physical environments.

Conclusion

The efforts of Melbourne Airport to improve cyber visibility reflect a proactive and adaptive approach to safeguarding one of Australia’s busiest transit locations. By harnessing AI capabilities, automating internal procedures, centralizing access management, and insisting on continuous security assessments, the airport seeks not just to address cyber threats, but also to foresee and prevent them. Given the rising cyber risks alongside digital intricacies, Melbourne Airport’s strategy could serve as an exemplary model for critical infrastructure operators nationwide.

Q&A

Q: Why is cyber visibility crucial for Melbourne Airport?

A:

Cyber visibility enables Melbourne Airport to identify suspicious behaviour quickly, respond to incidents effectively, and anticipate potential threats. Without comprehensive ecosystem transparency, protective strategies would remain reactive rather than proactive.

Q: In what ways does Melbourne Airport leverage artificial intelligence for cyber security?

A:

AI is chiefly employed for recognizing phishing attempts within the airport’s email frameworks. It evaluates conversational trends and wider email practices to pinpoint threats more effectively than manual processes could achieve.

Q: What strategies are employed to manage insider threats at Melbourne Airport?

A:

The human resources department at Melbourne Airport employs an automated account deletion system for departing employees. This minimizes the possibility of former personnel having ongoing access to sensitive data and systems.

Q: What function does centralized access control serve at Melbourne Airport?

A:

Centralized access control oversees physical entry across all terminals and sensitive locations, ensuring that only authorized individuals can access restricted areas. It is essential for maintaining both operational integrity and passenger security.

Q: How frequently does Melbourne Airport conduct security assessments?

A:

Security assessments at Melbourne Airport are an ongoing initiative, designed to ensure that security protocols are effective and that vulnerabilities are identified and mitigated timely, maintaining robust cyber defenses.

Q: How does Melbourne Airport manage the escalating volume of generated data?

A:

By utilizing AI-driven solutions, Melbourne Airport can efficiently process and analyze vast quantities of data generated every day. This enables quicker identification of threats and fortifies proactive cyber security initiatives.

Q: Which agencies collaborate with the technology systems at Melbourne Airport?

A:

The systems at Melbourne Airport coordinate with those maintained by the Australian Border Force and Airservices Australia, necessitating strong collaboration and security oversight to ensure smooth operations and a positive passenger experience.

Q: What future initiatives does Melbourne Airport plan for its cyber security strategy?

A:

Melbourne Airport plans to enhance automation in risk management, improve AI capabilities, and continually refine its cyber security roadmap to effectively address new threats and adapt to evolving technologies.