Kathy Gibson reports from Gitex Africa Morocco – As African businesses shift to digitalisation, it’s important to build trust.
Security is a vital element in the hyperconnected world, says Dr Pascal Andrei, chief security officer at Airbus. And, along with physical safety, it is especially important for a company like Airbus.
As a global company, arguably the most difficult part of ensuring cybersecurity is complying with the regulations in every territory, he says. “We have to ensure that there is trust with all our stakeholders, including governments, partners and customers.”
Co-operation is key in this respect, he adds, and the company works closely with local governments to ensure it has information about local conditions.
Security for one is security for all, and Airbus’s closest partner when it comes to developing safety and security practices is its biggest competitor Boeing.
“Together we can make our security systems better, which is a win-win for them, for us and for all our customers. We share information about attacks and mitigation strategies with one another, and perform exercises and drills together.”
Because it works with sensitive information about national assets, Airbus’s customers usually insist on data sovereignty.
“This goes for cloud and artificial intelligence (AI), with sovereignty ensuring protection and sustainability,” Dr Andrei explains.
When disaster strikes, it is important for a company like Airbus to protect its critical infrastructure.
This involves having an asset inventory that defines what the critical assets are, that will allow the organisation to rebuild in the event of an attack. “When there is a disaster, you need a business continuity plan so you can recover quickly and restart the company,” Dr Andrei says.
“A company like Airbus cannot stop – it must always be working. With more than 20 000 employees, the organisation is like a Swiss watch – it is very complex and must be moving all the time.
“So we have to know what the critical assets are, and ensure that they are resilient.”
And security measures cannot be limited to the company itself, Dr Andrei adds. “You have to think about extending the enterprise. At Airbus we have faced many cyberattacks. Initially, these were mainly against us, then they switched to our affiliated companies. Lately, the majority of attacks have been through the supply chain.
“So you have to be in a position to manage all of these attack vectors.”
With such a big and complex organisation that is literally responsible for people’s lives, security is a big deal at Airbus. It has over 500 employees in Europe and around the world looking after both cyber and physical security.