Task Force Report on Streamlining and Consolidating Congressional Oversight of the U.S. Department of Homeland Security

Nearly a decade after the 9/11 Commission issued its report on the greatest act of terrorismon U.S. soil, one of its most significant recommendations has not been acted upon. The call for consolidated Congressionaloversight of the U.S. Department of Homeland Security (DHS) is, in the words of Commission co-chair Thomas H. Kean, "maybe the toughest recommendation" because Congress does not usually reform itself. To underscore the importance of this reform, The Annenberg Foundation Trust at Sunnylands and the Aspen Institute's Justice and Society Program convened a task force in April 2013, including 9/11 Commission cochairs Kean and Lee H. Hamilton, former DHS officials under Presidents Barack Obama and George W. Bush, and members of Congress (Appendix). While the failure to reform DHS oversight may be invisible to the public, it is not without consequence or risk.Fragmented jurisdiction impedes DHS' ability to deal with three major vulnerabilities: thethreats posed by small aircraft and boats; cyberattacks; and biological weapons."I think we've been distinctly less securefrom a biological or chemical attack than wewould have been had we had a more rationaland targeted program of identifying the most serious threats," said former Sen. BobGraham (D., Fla.). As the 9/11 Commission Report noted: "So long as oversight is governed by current Congressional rules and resolutions, we believe that the American people will not get the security they want and need."Earlier work by policy groups such as the Heritage Foundation and Brookings Institution attests to the consensus that consolidated oversight of DHS is needed. Among the concerns: More than 100 Congressional committees and subcommittees claim jurisdiction over it. In 2009, the department spent the equivalent of 66 worky ears responding to Congressional inquiries.Moreover, the messages regarding homeland security that come out of Congress sometimes appear to conflict or are drowned outaltogether. As former DHS Secretary Michael Chertoff noted, "When many voices speak, it's like no voice speaks."The task force recommends that:DHS should have an oversight structure that resembles the one governing other critical departments, such as Defenseand Justice.Committees claiming jurisdiction over DHS should have overlapping membership. Since a new committee structure cannot be implemented until the 114th Congress is seated in 2015, the task force also recommends these interim steps toward more focused oversight:Time-limiting subcommittee referrals to expedite matters of national security.Passing, for the first time since formation of the department in 2002, an authorization bill for DHS, giving the department clear direction from Congress

Enhancing Cyberspace Monitoring in the United States Aviation Industry: A Multi-Layered Approach for Addressing Emerging Threats

This research project examined the cyberspace domain in the United States (U.S.) aviation industry from many different angles. The research involved learning about the U.S. aviation cyberspace environment, the landscape of cyber threats, new technologies like 5G and smart airports, cybersecurity frameworks and best practices, and the use of aviation cyberspace monitoring capabilities. The research looked at how vulnerable the aviation industry is from cyber-attacks, analyzed the possible effects of cyber-attacks on the industry, and suggests ways to improve the industry\u27s cybersecurity posture. The project\u27s main goal was to protect against possible cyber-attacks and make sure that the aviation industry is safe and secure

Cyber Security Maturity Model Capability at The Airports

Cybersecurity is an important facilitator for essential aviation safety. The adoption rate for levels of cyber-security protocols at commercial airports is the focus of this research. Scope of this research is limited to cybersecurity maturity model capability norms covering fourteen domains. The paper presents primary data collected from several airport authorities. This survey-based study will be useful in identifying areas for improving operational procedures and developing strong cybersecurity governance at airports. This will allow airports to understand risks and respond proactively by adopting cybersecurity best practices and resilience measures. This study includes domestic, international, privately owned airports, airstrips, or aerodromes. This research found that level one of cyber-security maturity model is the most followed while proactive and advance levels i.e., level 4 and 5 are least adhered to. Most airports appear to have some resources allocated to cyber protection and resilience

A holistic review of cybersecurity and reliability perspectives in smart airports

Advances in the Internet of Things (IoT) and aviation sector have resulted in the emergence of smart airports. Services and systems powered by the IoT enable smart airports to have enhanced robustness, efficiency and control, governed by real-time monitoring and analytics. Smart sensors control the environmental conditions inside the airport, automate passenger-related actions and support airport security. However, these augmentations and automation introduce security threats to network systems of smart airports. Cyber-attackers demonstrated the susceptibility of IoT systems and networks to Advanced Persistent Threats (APT), due to hardware constraints, software flaws or IoT misconfigurations. With the increasing complexity of attacks, it is imperative to safeguard IoT networks of smart airports and ensure reliability of services, as cyber-attacks can have tremendous consequences such as disrupting networks, cancelling travel, or stealing sensitive information. There is a need to adopt and develop new Artificial Intelligence (AI)-enabled cyber-defence techniques for smart airports, which will address the challenges brought about by the incorporation of IoT systems to the airport business processes, and the constantly evolving nature of contemporary cyber-attacks. In this study, we present a holistic review of existing smart airport applications and services enabled by IoT sensors and systems. Additionally, we investigate several types of cyber defence tools including AI and data mining techniques, and analyse their strengths and weaknesses in the context of smart airports. Furthermore, we provide a classification of smart airport sub-systems based on their purpose and criticality and address cyber threats that can affect the security of smart airport\u27s networks

A holistic review of cybersecurity and reliability perspectives in smart airports

Advances in the Internet of Things (IoT) and aviation sector have resulted in the emergence of smart airports. Services and systems powered by the IoT enable smart airports to have enhanced robustness, efficiency and control, governed by real-time monitoring and analytics. Smart sensors control the environmental conditions inside the airport, automate passenger-related actions and support airport security. However, these augmentations and automation introduce security threats to network systems of smart airports. Cyber-attackers demonstrated the susceptibility of IoT systems and networks to Advanced Persistent Threats (APT), due to hardware constraints, software flaws or IoT misconfigurations. With the increasing complexity of attacks, it is imperative to safeguard IoT networks of smart airports and ensure reliability of services, as cyber-attacks can have tremendous consequences such as disrupting networks, cancelling travel, or stealing sensitive information. There is a need to adopt and develop new Artificial Intelligence (AI)-enabled cyber-defence techniques for smart airports, which will address the challenges brought about by the incorporation of IoT systems to the airport business processes, and the constantly evolving nature of contemporary cyber-attacks. In this study, we present a holistic review of existing smart airport applications and services enabled by IoT sensors and systems. Additionally, we investigate several types of cyber defence tools including AI and data mining techniques, and analyse their strengths and weaknesses in the context of smart airports. Furthermore, we provide a classification of smart airport sub-systems based on their purpose and criticality and address cyber threats that can affect the security of smart airport\u27s networks

A holistic review of cybersecurity and reliability perspectives in smart airports

Advances in the Internet of Things (IoT) and aviation sector have resulted in the emergence of smart airports. Services and systems powered by the IoT enable smart airports to have enhanced robustness, efficiency and control, governed by real-time monitoring and analytics. Smart sensors control the environmental conditions inside the airport, automate passenger-related actions and support airport security. However, these augmentations and automation introduce security threats to network systems of smart airports. Cyber-attackers demonstrated the susceptibility of IoT systems and networks to Advanced Persistent Threats (APT), due to hardware constraints, software flaws or IoT misconfigurations. With the increasing complexity of attacks, it is imperative to safeguard IoT networks of smart airports and ensure reliability of services, as cyber-attacks can have tremendous consequences such as disrupting networks, cancelling travel, or stealing sensitive information. There is a need to adopt and develop new Artificial Intelligence (AI)-enabled cyber-defence techniques for smart airports, which will address the challenges brought about by the incorporation of IoT systems to the airport business processes, and the constantly evolving nature of contemporary cyber-attacks. In this study, we present a holistic review of existing smart airport applications and services enabled by IoT sensors and systems. Additionally, we investigate several types of cyber defence tools including AI and data mining techniques, and analyse their strengths and weaknesses in the context of smart airports. Furthermore, we provide a classification of smart airport sub-systems based on their purpose and criticality and address cyber threats that can affect the security of smart airport\u27s networks

Cybersecurity Vulnerability Analysis and Countermeasures of Commercial Aircraft Avionic Systems

Nowadays, most commercial aircraft use systems with innovative technologies and unprecedented infrastructure of avionics applications which include cyber technologies. Airplane passengers are now using aviation cyber technologies when purchasing tickets, checking in at the airline counter, passing through airport security, and connecting to Wi-Fi and the embedded inflight entertainment system. Cyber technologies and connectivity expose aviation to a dangerous and costly world of cyber threats that pose a major challenge of an attack which makes the risks difficult to understand or to define. In addition, the opportunities for attacks continually grow as new services and systems are developed. This thesis looks at understanding these cybersecurity threats and countermeasures of avionics network systems, and their associated defense safety mechanisms and risk analysis will help to pave a secure path toward the increase of protection of our future aviation

Cybersecurity Maturity Model Capability in Aviation and Railway Industry

Cybersecurity is pivotal for the established aviation and railway industries. This study will examine the compliance of various levels of cybersecurity practices according to Cybersecurity Maturity Model Capability. This study will conduct a survey for aviation and railways. The data collected will be compared to identify which of the two industries is more compliant with the cybersecurity operational procedures. It will also enable the two industries to better evaluate and proactively acknowledge the threats by implementing cybersecurity best practices, governance and resilience processes