WASHINGTON –Lance Lyttle, Aviation Managing Director at Seattle-Tacoma International Airport (SEA), today testified before the U.S. Senate Committee on Commerce, Science, and Transportation at a hearing on cybersecurity threats faced by the aviation sector. Lyttle provided valuable insights on the impact a cybersecurity incident can have on passengers and airport employees.
Key excerpts from Lyttle’s testimony include:
“We are here today because the Port recently experienced a cyberattack. While the incident has impacted our operations, we have made significant progress restoring services and systems. Importantly, at no point did this incident affect the ability to safely travel to or from Seattle-Tacoma International Airport or safely use the Port of Seattle’s maritime facilities. Safety and security are our number one priority in response to this incident.
“…there are a number of lessons learned that we have already identified, which I am pleased to be able to share with you today. In particular, we are very proud of how Port employees and our partners came together to maintain continuity-of-operations throughout this incident, meaning that many of our passengers have had a relatively normal experience through the airport and our cruise terminals. I hope that my testimony today will help reassure air travelers of the safety, security, and resiliency of the aviation system.
“… I want to hit on three topics: 1) the effectiveness of cybersecurity systems, 2) the processes and practices that can ensure resiliency when faced with these issues, and 3) the Port’s goal to be “stronger after“ by incorporating these best practices into our future systems and plans.
“We designed a robust IT and cybersecurity infrastructure to protect our systems from attack, and have received good feedback on both internal and external audits. Our staff is well-certified, experienced, and trained, and we have successfully detected attempts from some of the most advanced cyber attacks because of the strong program we had in place.
“Overall, airports take cybersecurity seriously, and have allocated significant resources to these efforts; major airport cybersecurity programs include a variety of policies, procedures and controls designed to identify and protect key assets, as well as respond to potential incidents. Examples include targeted messaging and training to raise cyber awareness throughout the airport; conducting penetration testing and vulnerability assessments; training and testing employees; and consulting with entities outside the aviation subsector to identify best practices and share lessons learned.
“That said, there are definitely things we can do to further strengthen our security, and we regularly work to harden our cyber defenses. Our focus in the wake of this incident includes steps such as strengthening our identity management and authentication protocols, as well as enhancing our monitoring of our systems and network.
“I want to conclude by speaking briefly about ways that Congress and federal agencies can help the aviation industry be even more resilient in the face of these ongoing threats and challenges. In particular, government agencies should continue to proactively prioritize the dissemination of timely and actionable cyber threat information as soon as reasonably practicable; classified briefings should be provided at the earliest opportunity to highlight new and emerging threats.
“In accordance with a TSA mandate, airports and airlines have been reporting cybersecurity incidents to CISA, and there are opportunities to improve the twoway sharing of information. The aviation industry benefits greatly from information about common cybersecurity incidents, and we need to make sure we are optimizing our security tools, talent, and properly resourcing our cyber ecosystems to focus mitigation efforts.”
See Lyttle’s full written testimony here.
###
