Cybersecurity - Related Event Proceedings

Introduction to Part-IS & organisational impact

Scene setter on Part-IS, links with the other implementing rules for the different domains and the expected impact on the organisational structure.

EASA

Panel 1 - Part-IS early implementers’ feedback

Experiences of early implementers of Part-IS, challenges and key aspects.

EASA, Airbus Commercial, Lufthansa Group, Nordic Regional Airlines AB, TRAFICOM

Examples of functional chains and shared risks

Examples of risks at the interface between organisations.

EASA, Airbus

External Reporting under Part-IS

External reporting requirements under Part IS and the relationship with Reg. (EU) 376/2014, the reporting tools that will be available.

EASA

ISO/IEC 27000 in relation to Part-IS

Insights on the similarities and differences between ISO/IEC 27000 and Part-IS in order to leverage on existing certification.

EASA

Industry standardisation

European Cyber security for aviation Standards Coordination Group (ECSCG) activities - focus on standards that will support Part-IS implementation.

EASA

Part-IS Task Force outcomes & harmonisation activities

Overview of the harmonisation activities carried out by the Task Force, i.e. approval of derogations and the implementation guidance for ISO/IEC 27001 certified organisations.

AESA, AUSTROCONTROL

Interplay with other EU rules (NIS2 and AVSEC)

Relationship beteen Part-IS and other EU cybersecurity legislation that may be applicable to aviation entities.

EASA, Polish CAA

Panel 2 - Staff competence building

Discussion on cyber security competencies, & possible approaches to recruitment and upskilling the workforce, and the challenges associated with them.

EASA, ENISA, AESA, ILenT-NL, FOCA

ECSF adaptation for Part-IS roles

The tailored version of the ENISA Cybersecurity Skills Framework for use in the aviation context, taking into account in particular the roles introduced by Part-IS.

EASA