Cyber threats in aviation
The sky’s the limit?
Nobody will ever forget the horror of commercial passenger planes being deployed as weapons in the tragic events which unfolded in the US on 09/11. Since that day, the prospect of an IOT attack bringing down or taking control of an aircraft has naturally struck fear into the public.
As strong as the weakest link
If insurers and reinsurers want to support this sector with all its challenges, they need a good understanding of the risks involved in this complex and interdependent industry. Airlines are reliant upon global distribution systems which allow automated transactions between travel service providers, typically linking airlines, hotels and car rental companies. Added to this is the process as we take a journey through the airport – from check-in to baggage control, security checks, passport and customs control, catering, fuelling, air traffic control and in-flight entertainment. As a travelling public, our expectation is for all of these to operate seamlessly from departure to destination. Quite a tall order indeed for an industry which is under constant pressure to keep safety standards up and costs down.
Stricter data protection and high fines
The costs of the failures to these two airlines are a matter of some speculation, but publicly expressed views indicate figures of between US$ 80m and 150m each. In May of 2017, over a busy public holiday weekend, the computer systems of the British flag-carrier airline failed, apparently due to human error, leaving some 75,000 passengers stranded. The parent company suggested that the cost of the incident was £80m – and that does not account for the reputational damage which has followed.
What are the takeaways from these incidents?
Naturally, prevention and a good regime of cyber resilience and IT “hygiene” are crucial. If problems arise despite these defences, then excellent claims management is required.
For airlines this means:
- Fast, effective and well-practised resolution is key.
- Communication failures are an unnecessary expense to the business.
- Poor passenger experiences soon trend on social media and can be damaging, both reputationally and financially.
- Transparency and ownership of the problem make a real difference to the public reaction.
For its part, the insurance industry has to ensure that the claim-preparation and settlement process is simpler, more effective and easier to quantify.
- Coverage and how it will work in practice need to be fully understood.
- Established contact partners make communication easier.
- It is important to explore ways in which differences in expectations can be kept to a minimum.
- Pre-agreed forensic accountants can produce a trusted outcome for both parties.
- Some insurance products offer fixed minimum amounts per passenger flight cancelled.
Insurers know that when an insured has had to spend huge amounts of time and effort to quantify a loss, queries and reductions can strain the relationship. Misunderstandings are not just financially expensive. Naturally, anything we can do to speed up the process and achieve better understanding is in the best interests of all parties.