Sofema Aviation Services (SAS) considers key elements related to Cyber Security Compliance within an EASA Part 145 Organizations Regulation (EU) 2023/203 was introduced to establish a framework for managing information security risks within the aviation sector, particularly focusing on their potential impact on aviation safety. Note – EASA Part 145 Organizations have until 22 February…

Sofema Online (SOL) takes a deep dive into meeting EASA Information Security & implementation challenges without the need for additional manpower. Introduction IT and cybersecurity are so specific that companies often have to hire new people or even hire outside people to set up, manage and test/audit. Concerns regarding the reliance on external cybersecurity consultants…

Sofema Aviation Services (SAS) is considering the development of an EASA Part 145 Information Security Management (Cyber) System to ensure compliance while maintaining the existing headcount. Introduction In an EASA Part 145 organization, where recruitment is constrained, cyber security responsibilities must be managed effectively by leveraging existing resources, optimizing processes, and implementing automation. A typical EASA Part 145 organization with 100 employees can meet cyber security responsibilities under IS.I.OR.240 without additional recruitment by…

Sofema Online (SOL) examines key aspects of Cultural Resistance in the implementation of cybersecurity within EASA Part 145 organizations. Introduction – Understanding Cultural Resistance in Cybersecurity One of the biggest challenges in implementing Information & Cyber Security within an EASA Part 145 organization is cultural resistance. Many aviation maintenance personnel, including engineers, technicians, and administrative…