Airlines maintaining focus on IT security

Airlines are taking security seriously

More than two-thirds of airlines are growing or maintaining their IT security budgets, according to research.

But the survey by airline industry IT specialist SITA also suggests that IT professionals in the sector face a number of barriers to achieving regulatory compliance in areas such as payment card standards.

The study showed that 34 per cent of respondents saw their security budget staying the same while 25 per cent had an increase of between one and five per cent. Nine per cent reported an increase of six per cent or more.

But only 42 per cent of those polled have been involved with preparations for the Payment Card Industry Data Security Standard (PCI DSS), designed to improve security of online transactions, despite deadlines later this year set by card issuers such as Visa.

The survey suggested that insufficient resources (54 per cent), budget (49 per cent) and lack of knowledge (47 per cent) are the main barriers to meeting compliance needs.

“The level of importance given to compliance by these airline IT security professionals is encouraging but more can be done,” said Mark Prince, head of consulting for security, voice and convergence at SITA.

“Key compliance initiatives such as PCI DSS and ISO27001 are both relevant and time-sensitive. The major payment brands have all issued compliance deadlines for PCI DSS regarding data storage and validation procedures to which the global airline industry must pay attention.”

The research also reported an increase in the number of airlines considering outsourcing as a means to reduce spending – 58 per cent of those polled saw cost cutting as a main driver for outsourcing, up from 36 per cent the previous year.