Mechanics standing in front of jet engine showing the importance of data security while airline industry is transforming to cloud-based technologies

As the Airline Industry Looks to the Cloud, Data Security is Critical for Take Off

Ransomware has continued to rear its ugly head in recent years, with rising costs associated with its malicious aftereffects soaring to the billions. In 2019 alone, ransomware may have cost the United States $7.5 billion in losses, biting a significant chunk out of industries already struggling to keep the pace amidst digital transformation. Many institutions, however well-established or profitable, are unaware of the dangers and vulnerabilities lurking in their network infrastructure, creating unanticipated hurdles when attempting to fully digitize their operations.

According to a study conducted by LogicMonitor, 66% of IT professionals say security is their greatest concern in adopting an enterprise cloud computing strategy, which is no surprise considering the significant increase in cloud migration in recent years. This concern is understandably justifiable – In a 2018 study, Varonis found that 41% of companies have over 1,000 sensitive files open to everyone, a troubling discovery when considering the fact that the global number of web attacks blocked per day increased by 56.1% between 2017 and 2018. There is no shortage of bad actors or pitfalls when attempting to digitally transform, requiring a company’s overall strategy and execution to be all the more delicate and security conscious.

These threats have failed, however, to abate the demand for cloud-based data analytics, managed file transfer, and other SaaS providers, with 83% of enterprise workloads expected to be cloud-based by this year. For companies offering these services, two areas of growth seem to stand out from the rest.  One, consolidation of data movement and orchestration platforms and, two, aggressive and well-defined cloud strategies.

Data transformation has, by its very nature, necessitated tighter, more predictable, compliance-compatible, cloud-compliant, and best-of-breed solutions that can help organizations ensure fit-for-purpose data marshaling, consumption, and movement.  It is true that large organizational merger and acquisition integrations have driven a need to reassess internal data sharing and movement technologies, yet it is equally true that the cloud has done its part in forcing the hands of many large organizations. This level of change requires a more comprehensive approach to security overall, beginning with understanding what practices or systems are getting in the way.

A prime example of this push for digital transformation while struggling with legacy technology systems can be found among flagship airlines, which represent a long-established industry aiming to interface with customers in an ever-advancing digital world. British Airways, a giant in commercial aviation, has faced numerous data breaches over the last three years, the most notable resulting in the company being fined $230 million for GDPR violations. This financial and reputational blow is incredibly damaging, yet avoidable. Airlines have essentially become conglomerates of retail, manufacturing, and logistics, with much of the latest user-friendly tech being leveraged for a better customer service experience rather than focusing on internal operations or more efficient network configurations.

This oversight has led to a reliance on completely outdated IT infrastructures and highly customized legacy systems that are difficult if not impossible to integrate with newer platforms. This in turn places an immense burden on the few IT professionals familiar with the legacy system’s inner workings, clogging the enterprise workload and reducing potential threat visibility. The need to digitally transform by deploying tech-savvy applications and user-friendly tools is entirely undercut if aging IT infrastructure is ignored. Between 2015 and 2017, the U.S. Government Accountability Office identified 34 IT outages affecting 11 airlines, leading to grounded, delayed, or canceled flights worldwide, in addition to preventing passengers from checking in. A sophisticated user-interface can’t make up for a failure to meet basic customer expectations, demonstrating the external importance of internal cybersecurity measures when digitally transforming in a more strategic, less superficial manner.

Data breaches in and of themselves are cause for concern, but an added layer of complexity accompanies the compliance requirements enacted by laws such as GDPR and CCPA. Not only do organizations suffer the reputational costs of not sufficiently protecting customer data – they encounter steep financial ramifications as well. Cloud-based platforms, particularly in the managed file transfer space, provide an easy-to-integrate alternative to more decentralized, outdated operational methods, which can inadvertently let sensitive data slip through the cracks. Data must also be stored for certain lengths of time and, depending on the legislation, requires the organization collecting the personally identifiable data to forget it ever existed. Modifying a fragile legacy network to be able to compete with cloud-based compliance software that already includes built-in controls is a costly, unwinnable proposition. Although typically, organizations may not be as large as British Airways, the average cost of non-compliance is $14.82 million, a 45% increase from 2011. The importance of abiding by data privacy laws in an efficient manner cannot be understated.

Ultimately, threats like ransomware aren’t likely to go away. When placed in context, the field of cybersecurity is still relatively new, with cyber attacks being one of the top five global destabilizers today. Digital transformation can be both a blessing or a curse, depending on how it is utilized and whether cloud-based technologies play a significant role in an organization’s transition process. Preventing damaging data breaches doesn’t have to be a complicated endeavor – employing software that protects file transfers and tracks data compliantly is likely within grasp for those who are willing to fully take the digital transformation plunge.