“Our IT security is good” – The most dangerous sentence in airport management

“Our IT security is good” – The most dangerous sentence in airport management

Avatar of Tamara Heene
Tamara Heene
30. September 2025
5 min Lesezeit
Informationssicherheit

Airport cybersecurity: From crisis mode to strategic resilience

Executive Summary: What you need to know

Operational disaster, not just IT problem: The attack on Collins Aerospace was not a technical failure but resulted in an operational meltdown. The real danger lies in the standstill of the core business, not in the loss of data.

The supply chain is the new battlefield: Your weakest link is not in your data center, but in your external service providers. Without radical visibility across the entire ecosystem, your cyber defense is incomplete.

Manual backups are an illusion:Relying on manual processes as an emergency plan is a dangerous misjudgment in digitalized aviation. Operational resilience requires hybrid failover concepts that go beyond pen and paper.

Resilience is a C-level task: The responsibility for the airport's ability to operate under cyber pressure does not lie solely with the CISO or CIO, but is a core task of the entire management.

The wake-up call from Berlin: A problem that goes far beyond IT

Long queues at the check-in counters. Canceled flights on the scoreboards. Passengers who are processed manually. The pictures from Berlin Brandenburg Airport (BER)after the ransomware attack on the service provider Collins Aerospace is more than just an inconvenience. They are a clear signal: the digital transformation of aviation has reached a critical point where dependence on third-party providers represents an existential risk.

This is not an IT problem. It is a harbinger of strategic risks that every aviation executive must understand and address. While much discussion focuses on technical defenses, this article highlights the strategic thinking errors that lead to such crises and offers a path to true operational resilience.

Blog post image

The Conventional Approach Fails: Three Critical Reasoning Errors

The incident brutally reveals that traditional security concepts are no longer sufficient. Many leaders lull themselves into a false sense of security based on three common misconceptions.

Mistake 1: “Our IT security is well positioned.”

This statement usually focuses on your own internal infrastructure. However, the attack on Collins Aerospace shows:

The risk comes from outside. Your organization's attack surface doesn't end at the boundaries of your own network. It includes every single supplier whose systems are linked to your operations. Simply focusing on your own IT security ignores the biggest gateway.

Mistake 2: “We have contingency plans for the failure.”

The reality at the affected airports has shown:Manual processes are not scalable. A plan that calls for manually processing thousands of passengers per hour is not a plan, but a capitulation to chaos. Such emergency plans may exist on paper, but are often worthless under the pressure of real mass operations and lead directly to massive losses in sales and reputational damage.

Mistake 3: “Cybersecurity is a job for the IT department.”

This delegation attitude is one of the most dangerous strategic mistakes. The CFO sees the direct financial losses caused by flight cancellations. The COO is responsible for the operational standstill. The CEO is responsible for the damage to his reputation. The operational catastrophe makes it clear:

Cyber resilience is a core competency of the entire companyand must be anchored, controlled and resourced at board level.

The Resilience Framework: From Reacting to Anticipating

To prevent future system failures of this magnitude, airports and airlines must move from reactive crisis management to proactive, strategic resilience. This requires three concrete steps.

Step 1: Create radical transparency in the supply chain

Stop viewing your service providers as just a black box.

  • Request insight:Make comprehensive audit rights and transparency about security architectures and emergency concepts a contractual condition.
  • Define common standards:Establish mandatory security and resilience KPIs for all critical partners.
  • Test the chain:Conduct joint crisis exercises that cover not just IT, but the entire operational chain from passenger arrival to boarding.

Step 2: Develop operational redundancy instead of just IT backups

Think beyond just data backups and plan to maintain operations.

  • Hybrid failover concepts: Develop semi-automated or decentralized systems that can maintain skeleton operations in the event of a centralized failure. For example, can self-service kiosks switch to an offline mode?
  • Define minimum operational capability:What is the bare minimum you need to avoid having to shut down operations completely? Build your redundancy around this goal.

Step 3: Do simulations that really hurt

Standard penetration testing is not enough. You have to simulate the business disaster.

  • Focus on Business Impact:Ask your leadership team questions like:
    • "What happens if the check-in system is down for 72 hours on the first day of the holiday?
    • What decisions do we make after 4, 12 and 24 hours?
    • Who communicates what and when?"
  • Get the C-Level Involved:Such an exercise is only valuable if all top management participates and has to make decisions under simulated pressure. This is the only way to make strategic gaps in crisis management visible.
Blog post image

What this means for you as a decision-maker

The implications of this incident are role-specific and require concrete action at every level of leadership.

Blog post image

Your next step: From knowledge to action

The incident at Collins Aerospace is not an isolated incident, but the new normal in a connected world. Waiting is not an option. Strategic resilience is not a cost factor, but a decisive competitive advantage that ensures operational capability, customer trust and ultimately company value.

Your logical next steps are:

1. Convene a task force: Establish a cross-functional team to reassess risks across your digital supply chain.

2. Planning a realistic crisis simulation: Test your organization for emergencies - with a focus on business decisions, not just technical responses.

Start the discussion with your leadership team today. Because the question is not whether the next attack will come, but how well you are prepared for it.

Next step: Free initial consultation

Would you like to strategically anchor IT security in your company? Our experts will be happy to advise you - without obligation and in a practical manner.Arrange an initial consultation now →

Next step: Free initial consultation

Would you like to strategically anchor IT security in your company? Our experts will be happy to advise you - without obligation and in a practical manner.Arrange an initial consultation now →

Hat ihnen der Beitrag gefallen? Teilen Sie es mit:

Ihr strategischer Erfolg beginnt hier

Unsere Kunden vertrauen auf unsere Expertise in digitaler Transformation, Compliance und Risikomanagement

Bereit für den nächsten Schritt?

Vereinbaren Sie jetzt ein strategisches Beratungsgespräch mit unseren Experten

30 Minuten • Unverbindlich • Sofort verfügbar

Zur optimalen Vorbereitung Ihres Strategiegesprächs:

Ihre strategischen Ziele und Herausforderungen
Gewünschte Geschäftsergebnisse und ROI-Erwartungen
Aktuelle Compliance- und Risikosituation
Stakeholder und Entscheidungsträger im Projekt

Bevorzugen Sie direkten Kontakt?

Direkte Hotline für Entscheidungsträger

Strategische Anfragen per E-Mail

Detaillierte Projektanfrage

Für komplexe Anfragen oder wenn Sie spezifische Informationen vorab übermitteln möchten