The convergence of cyber threats in the aviation enterprise

At the CANSO Global Safety Conference 2025, Pete Clay, Chief Information Security Officer at Aireon LLC, will be speaking in two sessions on cyber security—tackling the evolving threats facing the aviation industry.

In this interview, Peter highlights ‘Compliance Complacency’ as a key issue in cyber threat. Too often, security documentation becomes a checkbox exercise rather than a tool for real protection. Meanwhile, cyber threats continue to grow, and every resource spent on paperwork for its own sake is a resource not spent on proactive defence.

So how do we move from a reactive to a proactive cybersecurity approach? Pete suggests:

• Think like an attacker—simulate real threats, not just theoretical ones.
• Emphasise hands-on training—move beyond PowerPoint presentations.
• Pursue radical visibility—use modern monitoring and automation to detect and respond before an attack happens.

With over 30 years of experience, Pete has worked globally in technology risk assessment, enterprise security, AI, and machine learning security. He has led multidisciplinary teams in designing and implementing cyber security frameworks, published scholarly papers on threat intelligence and risk management, and has been widely quoted in national and international publications.

With aviation becoming more digitally connected, what are the biggest cybersecurity threats currently facing the industry?

(a) “Compliance Complacency”
Defined as the practice of completing required paperwork purely for its own sake—without regard to whether anyone will read or leverage it for meaningful ends—compliance complacency is a common pitfall. It is important to note that every cybersecurity program contends with limited resources while facing an effectively infinite threat landscape. Every moment of time, every dollar spent, and every meeting held is critical to managing organisational risks. Although documentation can play a vital role in unifying a cybersecurity program, it too often becomes an end in itself, consuming valuable resources while offering minimal practical benefit.

(b) Third-Party Risk
No organisation exists in isolation from a cybersecurity perspective. Most entities entrust highly sensitive data to external parties, granting them access to critical systems. In doing so, they inevitably inherit the security risks posed by their third-party providers. A data breach or system compromise at a partner organisation can expose or jeopardise the original entity’s data—often without its immediate knowledge.

How can ANSPs and aviation organisations shift from a reactive to a proactive cybersecurity approach in the face of evolving threats?

a) Adopt the perspective of an attacker. While penetration testing is a valuable starting point, it should not be considered the final step. Continuously challenge your infrastructure by replicating tactics that mirror your most likely threats. Vary the nature of your simulated attacks without informing the monitoring team to maintain authenticity. Prioritise hands-on training for employees by having them practice preventive techniques, rather than relying solely on theoretical presentations. Leverage threat intelligence to understand what attackers may already know about your organisation, leadership, and personnel, and educate users about their potential vulnerabilities.

b) Emphasise proactive rather than reactive strategies. With sufficient planning and a reasonable budget, it is possible to leverage technology to recover systems in entirely new environments, thereby mitigating risks associated with returning to potentially compromised networks.

c) Pursue RADICAL VISIBILITY. Use modern monitoring tools in tandem with automation to promptly identify vulnerabilities and take remedial action. This approach helps avert costly breaches and ensures your team learns from controlled simulations rather than expensive real-world incidents.

What role does global collaboration play in strengthening aviation cyber security, and how can organisations work together more effectively?

Global collaboration is fundamental to enhancing aviation cyber security because threats transcend national borders and require a unified, coordinated response. Cyber adversaries operate on a global scale, targeting critical aviation infrastructure—such as airline reservation systems, air traffic control, and aircraft data networks—wherever vulnerabilities arise. By sharing intelligence, best practices, and incident data, aviation stakeholders worldwide can more effectively identify, prevent, and mitigate threats before they escalate into significant disruptions.

Organisations can collaborate more effectively in several ways. First, developing consistent international standards and regulations ensures that all parties adhere to a common baseline of security measures. Collaborative forums—such as industry associations, working groups, and cyber security conferences—provide opportunities for stakeholders to exchange knowledge, lessons learned, and emerging threat insights. Regular, transparent communication about incidents and near-misses enables the community to identify trends and proactively adapt defense strategies.

Additionally, public-private partnerships can support the development of innovative technologies and services that address evolving cyber security needs. By working together, governments, regulatory bodies, airlines, airports, manufacturers, and service providers can pool financial resources and technical expertise to research new countermeasures. Ultimately, fostering a culture of trust and openness—while respecting confidentiality requirements—can help the aviation sector stay a step ahead of emerging threats, ensuring the safety and security of passengers, crew, and critical infrastructure worldwide.

As technologies like AI and automated systems become more integrated into aviation, what security measures should organisations prioritise to stay ahead of emerging threats?

As advanced technologies such as AI, ML, and automated systems become more integrated into the aviation sector, it is crucial for organisations to remain proactive in implementing robust security measures. By anticipating the complexities introduced by these systems, stakeholders can adopt a risk-based approach that emphasises thorough testing, continuous monitoring, and multi-layered defense strategies. For instance, advanced threat detection mechanisms can be integrated to identify suspicious behaviors and anomalies in real time, ensuring that potential vulnerabilities are addressed swiftly.

One fundamental principle is the concept of zero-trust architecture. This model assumes that no user, device, or system is inherently trustworthy, enforcing stringent access controls alongside continuous authentication and verification. By applying zero-trust principles to AI-driven aviation systems, organisations can contain breaches and hamper an attacker’s ability to move laterally across critical infrastructure.

Strong supply chain security is equally indispensable. As aviation operators increasingly rely on third-party vendors for AI algorithms, hardware components, and data analytics services, vulnerabilities can be introduced at various points. Regular audits, adherence to international cybersecurity standards, and thorough vetting of suppliers help minimise these risks. Moreover, maintaining a software bill of materials (SBOM) offers transparency into dependencies, making it easier to patch vulnerabilities promptly.

Employee training also remains paramount. Cyber adversaries frequently capitalise on human error, and reliance on AI-based systems can lead to complacency. Ensuring that staff recognise phishing attempts, follow secure coding practices, and respond rapidly to potential breaches is essential. Through regular tabletop exercises and scenario-based drills, organisations can refine their incident response capabilities over time.

In sum, safeguarding next-generation aviation technologies requires a multifaceted approach, combining zero-trust architectures, supply chain diligence, ongoing staff education, and advanced threat intelligence. By embracing these measures, organisations can stay ahead of emerging threats and successfully maintain the security and resilience of their AI and automated systems.