By Kelly Onyedebelu,  Cybersecurity Leader, Bridewell

Airports today are digitally integrated ecosystems where every system, from baggage handling to public announcements, works in concert to move people and goods efficiently and safely. That interconnectivity brings incredible operational benefits, but it also introduces new points of vulnerability. As technology continues to evolve, so must our approach to securing it.

Recent incidents at airports around the world underscore how cyber threats are no longer limited to isolated IT disruptions. Instead, they can have broader impacts across physical infrastructure from HVAC and flight information systems to access control and baggage equipment. While these risks are real, so are the opportunities to build resilience through thoughtful strategy and industry collaboration.

The Foundations of Cyber Resilience: People, Process, and Technology

Cybersecurity is often thought of as a technology challenge, but true resilience comes from aligning people, processes, and technology. These three pillars reinforce one another in that people follow and refine processes, processes guide the use of technology, and technology enables people to protect systems and respond to incidents.

Too often, technology is deployed in  critical infrastructure environments without tailoring it to operational realities. For instance, out-of-the-box configurations may leave default passwords or open ports active on critical systems. Resilience requires more than installing tools. It requires configuring them purposefully, with a clear understanding of how they support safe and secure airport operations.

It is equally important that policies and procedures keep pace with evolving technology. Incident response and business continuity plans should define clear roles and responsibilities, especially when new systems are introduced.

A Culture of Collaboration and Shared Accountability

People are often described as the weakest link in cybersecurity, but that overlooks the value of cross-functional collaboration. Effective protection depends on integrating IT, maintenance, operations, and leadership teams into a shared understanding of risk and response. This means going beyond annual training requirements and fostering a culture of preparedness.

Tabletop exercises and real-time simulations can help teams better understand interdependencies across departments. Practicing these scenarios not only improves incident response, it helps teams identify communication gaps, sharpen protocols, and build trust before a real event ever occurs.

Communication is just as vital as detection. Ensuring that employees understand their role in identifying, reporting, and responding to cyber risks enhances awareness at every level. When people, process, and technology work together as a coordinated ecosystem, airports are better positioned to safeguard operations and protect public trust.

Building Forward Together

Airports are cornerstones of national infrastructure. Protecting them from emerging cyber threats is a shared responsibility across all industry stakeholders. As new technologies like AI and automation are integrated into operations, our collective approach must emphasize agility, resilience, and shared accountability.

Bridewell remains committed to fostering this culture of collaboration across airport leaders, solution providers, and government partners. Together, we can strengthen the digital foundation of our aviation system and continue delivering safe, reliable service to the public every day.

 

Kelly Onyedebelu is a cybersecurity leader with global experience across critical national infrastructure including aviation, transportation, and energy. He supports organizations with strategic guidance and technical implementation, drawing on a background in operations, compliance, and risk management. Kelly is recognized for advancing security in critical environments and driving organizational resilience.

 

 

 

 

 

 

 

DISCLAIMER

This article was provided by a third party and, as such, the views expressed therein and/or presented are their own and may not represent or reflect the views of Airports Council International-North America (ACI-NA), its management, Board, or members. Readers should not act on the basis of any information contained in the blog without referring to applicable laws and regulations and/or without appropriate professional advice.