EU regulation defines the framework and minimum requirements for cyber security management in aviation.
This page contains the aviation cyber security regulations that apply to aviation organisations and explains the obligations they impose. Furthermore, cyber security is included in the airworthiness requirements of aviation products (e.g. aircraft), parts and components.
The security of aviation information systems is also covered by other regulation (e.g. the EU General Data Protection Regulation, GDPR), but the focus here is on regulation aiming to maintain and strengthen aviation safety, aviation security and societal resilience.
LATEST NEWS IN AVIATION CYBERSECURITY LEGISTLATION
This list contains the latest publication news in aviation cybersecurity legislation. For more details, see the content from this web page below the list.
- Invitation to Traficom`s webinar (in Finnish) on aviation cyber security current themes on (External link) 18th September 2024 at 01-03 pm (External link)
- On June 12, 2024, EASA published the revision for The Easy Access Rules for Information Security (External link). It includes Part-IS regulations (EU) 2023/203 ja (EU) 2022/1645 and their related AMC- and GM-material displayed in a consolidated, easy-to-read format with advanced navigation features through links and bookmarks.
- National implementation of cybersecurity Directive progresses: Government proposes new cybersecurity act on 23rd May 2024. The link to The news by The Ministry of Transport and Communications can be found here (External link). The link to the Government proposal can be found here (External link).
- On October 31, 2023, 2023 EASA published "First Easy Access Rules for Information Security (External link)". It includes Part-IS regulations (EU) 2023/203 ja (EU) 2022/1645 and their related AMC- and GM-material displayed in a consolidated, easy-to-read format with advanced navigation features through links and bookmarks.