About

The Federal Aviation Administration (FAA) is responsible for ensuring people can fly safely and efficiently throughout our National Airspace System. The FAA focus is on air transportation safety, including the enforcement of safety standards for aircraft manufacturing, operation and maintenance.

Each year the Air Traffic Organization (ATO) Cybersecurity Group hosts the FAA Cybersecurity Awareness Symposium to promote cybersecurity awareness, collaboration, and partnerships between the FAA, Interagency Stakeholders, Industry, and Academia. The event is an opportunity to discuss current security challenges as well as to network with peers and leading industry experts. Through information sharing of this type, we can strengthen the cybersecurity of the aviation ecosystem and meet our shared mission to provide the safest and most efficient aviation system in the world!

Agenda

Attack Vectors – Supply Chain
Today’s supply chains are under maximum stress across the Global Industrial Base. Organizations must find ways to protect their supply chains while assuring the flow of goods and services at a cost effective price point. Learn how Air Force Materiel Command manages supply chain risk to ensure a secure operational environment.
Michael (Mike) Hoover, Air Force Materiel Command (AFMC) Supply Chain Risk Management (SCRM) Focal Point

Detection – Aviation Data Link Security Risk Assessment Tool
As part of our aviation security risk detection efforts, a security risk assessment tool was developed to evaluate the level of risk resulting from potential cybersecurity events. Critical aviation data links and security threats were replicated on a testbed environment. The tool creates models for the threat analysis and risk assessment of the critical data links.
Anna Baron Garcia – Ph.D. Candidate, ERAU
Radu Babiceanu – Professor of Systems Engineering, ERAU
Remzi Seker – Associate Provost for Research, ERAU
Daniel Diessner – Senior Research Scientist, ERAU

Defensive Measures – Enhance Robust Layered Defenses
Discuss current and near-future FAA capabilities for enterprise cybersecurity research, testing, training and collaboration; i.e., dedicated facilities providing specialized tools and safe, closed environments that afford rapid configuration before and easy restoration after testing. The three capabilities:
• Implement stronger defense and offensive cybersecurity best practices to further protect operations and support the agency mission, such as vulnerability remediations, asset inventory, penetration testing, network architecture solution (i.e. Data Diodes) and hardening,
• Mimic the FAA production network hierarchy for FAA cybersecurity testing,
• Address whole-of-nation incident response to facilitate collaboration with other government agencies and partners.
Hector Morales – Manager (A), FAA ATO Cybersecurity Enterprise Architecture Group
Linda Santon – Cybersecurity Engineer, FAA ATO Cybersecurity Engineering Group
Kristof Preisner – Cybersecurity Test Engineer, FAA ATO Cybersecurity Testing Group
Dominic (Bud) Timoteo – Cybersecurity Test Facility Engineer, FAA ANG Information Security Branch
Dom Ali – Secure Enterprise Cyber Test Range Classified Information Security Manager, FAA ANG Information Security Branch

Attack Vectors – Lateral Movement
Learn about a common and effective cyber attack technique, and a proof-of-concept AI-based capability aimed at expanding monitoring, detection, and alerting of events related to unauthorized lateral movement, that could have broad applications across the aviation ecosystem.
Leslie Shing – Technical Staff, MIT Lincoln Laboratory

Detection – Operational Technology Security and Resilience Solutions
While there are common Operational Technology (OT) challenges across the critical infrastructure (CI) community, there are also unique OT security and resilience challenges within each sector, subsector and segment. Learn about the ways Idaho National Lab, a world leader in securing CI and improving the resiliency of vital national security and defense assets, is here to support your OT security and resilience efforts in today’s cyber threat environment.
O.T. Gagnon III – Chief Strategist, Idaho National Lab, National & Homeland Security, Infrastructure Assurance and Analysis

Defensive Measures – ATO Data Evolution
The FAA’s Air Traffic Organization’s Data Champion presents a summary of the ATO’s Data Evolution efforts. Topics will include the development of an executive leadership team and working group of ATO data professionals, the first steps towards an informed culture and the role that data governance will play in the provision and protection of data to make informed decisions.
Kim Pyle, Director, Policy and Performance, Safety and Technical Training and ATO Data Champion
Gian Burdhimo, Program Manager, ATO Data Evolution

ATO Cybersecurity Steering Board (ATO-CSB) Panel – Executive Cybersecurity Collaboration & Insights

Frequently Asked Questions

Yes, you will need to register for the event in order to receive login information.

From our conference website home page, please find the “Register” button at the top. Complete the fields and create a username and password. Once you have registered, you will receive a confirmation email for your registration.

Yes, you may access the conference using a desktop, laptop, tablet, or smartphone

The Symposium is hosted on a zoom-based platform, so no additional software other than zoom should be required.

Find and click on the “Info” area to chat with a support rep.

Yes, the sessions will be available to view on-demand for up to one month after the conference.  After the 30 days, content will be available to FAA employees and contractors only by contacting 9-AJWB4-ACG@faa.gov

Please see the information desk within the Summit platform. If you are having trouble accessing the platform, please contact 9-AJWB4-ACG@faa.gov