AW5 2025 NEWS SAFETY & SECURITY

Protect and serve

Dr Jaushin Lee, founder and CEO of Zentera Systems, addresses how airports can protect themselves from cybercriminals.

Airport security has traditionally focused on protecting airports in their roles as critical gateways for commerce, tourism, and national defence, with a corresponding emphasis on passenger, facility, and luggage screening.

For these same reasons, airports have now become high-value targets for cybercriminals seeking to disrupt global travel, hold customer data hostage, or lay the groundwork for compromising airport operations.

Recent incidents, such as those at Seattle-Tacoma International Airport and Kuala Lumpur International Airport, have highlighted the real-world consequences of successful cyber breaches, including grounded flights, compromised safety protocols, millions in lost revenue, and eroded customer trust.

For IT and cybersecurity professionals in the airport industry, the security challenge is startlingly clear and increasingly complex: How can airport operators protect their highly connected, mission-critical systems against a rising tide of digital threats, especially with legacy infrastructure and tight budgets?

The answer can be found with the right combination of awareness, strategic investment, and an innovative approach to cybersecurity: Zero Trust.

A NEW TYPE OF THREAT TO AN OLD SYSTEM

One of the most significant vulnerabilities airport operators face today is their ongoing reliance on outdated but highly integrated systems.

From backend systems to facility management, many airports rely on legacy infrastructure that was not designed to withstand today’s sophisticated and persistent cyber threats. Although these systems still function reliably from an operational standpoint, they often lack the basic security controls necessary to withstand a targeted cyber-attack.

During a recent simulation at the Technology Advancement Center’s Adega Airport Cyber Range, which models airport networks and operations to evaluate cybersecurity defences, participants demonstrated just how exposed airports are.

The simulated scenarios, which were based on real-world attacks against aviation infrastructure, revealed how disruptions to baggage handling, fuel systems, air traffic IT, radar, and operational technology (OT) equipment could quickly cascade into widespread delays, outages, and safety risks.

And the results weren’t just a matter of staff negligence or poor decision-making. The root problem was systemic: a patchwork of old systems, insufficient network segmentation, and a lack of modern protection for OT devices that control physical infrastructure.

This mix of old and new, with an expanded, always-on attack surface, makes it easier for attackers to exploit overlooked vulnerabilities.

For example, something as innocuous as a connected thermostat in a terminal aquarium can provide a foothold into the broader network. From there, attackers can establish command and control for persistent access, then explore the network to discover and compromise more critical assets, such as baggage sorters, financial systems, or even the air traffic control system.

BUDGET CONSTRAINTS AND MISCONCEPTIONS

Despite the growing threat landscape, many airport cybersecurity teams struggle to move forward. However, this security paralysis is not because they don’t know what steps to take, but rather because the perceived cost and complexity of modern solutions seem too high to implement.

Unfortunately, this is one of the biggest misconceptions about security modernisation: that meaningful cybersecurity improvements require massive, dramatic changes.

In reality, security teams can take small, strategic steps in a phased approach that, over time, yields powerful results. The key lies in shifting the mindset from “protect everything at once” to “protect what matters most now and scale from there.”

Similarly, investments in cybersecurity are often deprioritised in favour of visible infrastructure upgrades or enhancements to passenger experience.

Although the push for airport leadership teams to meet operational performance indicators is a real pressure, failing to build cyber resilience places the impact of those other priorities at risk.

START SMALL, THINK BIG, BUILD MOMENTUM

Zero Trust security is rapidly gaining recognition as the most effective model for securing critical infrastructure. At its core, Zero Trust assumes that no user or system – inside or outside the network – should be trusted by default.

Instead, every connection must be verified, every device’s network traffic should be monitored, and every segment of the network needs to be treated as if it were compromised.

This security mindset contrasts sharply with traditional perimeter-based security, in which actors who breach the network often enjoy broad access thanks to weaker internal controls and limited opportunities to enforce security policies.

For airports, which feature tightly integrated systems that are often physically distributed, maintaining the security of the internal network can be exceptionally complex.
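The contrast between a flat internal network and default-deny segmentation can be measured. The following is an added illustration, not code from the article or from any vendor product: it counts which critical assets a compromised device could reach as more segments are brought under an allowlist. The asset names, segments and permitted flows are constructed, and the model assumes the worst case that every permitted flow can be used to pivot.

```python
from collections import deque

# Constructed inventory for illustration: asset -> network segment.
ASSETS = {
    "aquarium-thermostat": "iot",
    "digital-signage": "iot",
    "iot-collector": "iot",
    "it-workstation": "corporate",
    "finance-db": "corporate",
    "baggage-hmi": "ot",
    "baggage-sorter": "ot",
    "atc-gateway": "ot",
}
CRITICAL = {"finance-db", "baggage-sorter", "atc-gateway"}

# Explicit allowlist of (source, destination) flows (constructed). Anything
# else that touches a protected segment is denied by default.
ALLOW = {
    ("aquarium-thermostat", "iot-collector"),
    ("digital-signage", "iot-collector"),
    ("it-workstation", "finance-db"),
    ("baggage-hmi", "baggage-sorter"),
}

def permitted(src, dst, protected):
    """Flows touching a protected segment need an allowlist entry;
    flows between unprotected assets model the legacy flat network."""
    if ASSETS[src] in protected or ASSETS[dst] in protected:
        return (src, dst) in ALLOW
    return True

def blast_radius(foothold, protected=frozenset()):
    """Critical assets reachable from a compromised foothold, assuming
    every permitted flow can be used to pivot (worst case)."""
    seen, queue = {foothold}, deque([foothold])
    while queue:
        src = queue.popleft()
        for dst in ASSETS:
            if dst not in seen and permitted(src, dst, protected):
                seen.add(dst)
                queue.append(dst)
    return sorted((seen - {foothold}) & CRITICAL)

if __name__ == "__main__":
    # Phased rollout: nothing protected, then IoT, then IoT + OT, then all.
    for phase in (set(), {"iot"}, {"iot", "ot"}, {"iot", "ot", "corporate"}):
        for foothold in ("aquarium-thermostat", "it-workstation"):
            print(sorted(phase), foothold, blast_radius(foothold, phase))
```

Protecting only the IoT segment removes the thermostat as a path to critical assets, while a compromised workstation still reaches everything until the OT segment is also covered.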

BEGIN WITH A PHASED APPROACH

Fortunately, adopting Zero Trust does not require a full-scale overhaul and redesign of IT infrastructure. In fact, a phased implementation is not only possible but also the preferred approach.

Start by identifying small, manageable systems. For example, perform network segmentation and secure seemingly trivial devices such as digital signage and other Internet of Things (IoT) devices with Zero Trust overlays.

These systems are often overlooked as entry points for cyber-attacks, so successfully protecting them can be used to demonstrate success, capture lessons learned, and build internal buy-in for broader adoption.

Gradually, the implementation model can be expanded to higher-equity systems, such as baggage control, radar communications, and, eventually, air traffic operations.

The goal isn’t to implement Zero Trust throughout an airport’s IT and network infrastructure overnight, but to treat it as a continuous transformation that evolves with risk tolerance and budget realities.

OVERCOMING RESISTANCE AND DRIVING CHANGE

Implementing a Zero Trust framework can also seem daunting for airport leaders accustomed to planning conservatively within a highly regulated environment. To executives familiar with traditional IT implementations that span years, such project-oriented Zero Trust implementations can seem limited in scope.

Here, cybersecurity leaders can use the familiar IT world of checkpoints and progress monitors to educate their stakeholders in language they understand. Leverage real-world demonstrations and simulations to showcase the differences between Zero Trust and other security models.

Then, as sensitive digital assets are protected, focus on measuring and reporting the risk reduction that Zero Trust delivers to frame the conversation around progress toward an organisation-level goal.

When stakeholders can see Zero Trust solutions providing value in action, particularly how they shield OT systems from lateral attacks and isolate threats before they spread, the benefits become more tangible.

LOOKING AHEAD: AIRPORTS AS SECURITY INNOVATORS

Airports may be high-value targets, but they are also uniquely positioned to become leaders in shaping the future of cybersecurity.

With sprawling digital ecosystems, physical-to-digital integration, and direct links to national defence and transportation networks, their operations serve as a microcosm for what changes in security posture can mean for other critical infrastructure.

In other words, airport cybersecurity is not only about keeping planes flying, but also enhancing the security of the country’s connected critical infrastructure.

By adopting a Zero Trust mindset, prioritising incremental progress, and overcoming the misconception that effective security must come at the cost of usability, budget stability, or operational efficiency, airports can achieve a powerful balance between innovation and resilience.

About the author

Dr Jaushin Lee is a serial entrepreneur with many patents and the visionary architect behind CoIP® Platform, Zentera’s award-winning Zero Trust security overlay.
