Sofema Aviation Services (SAS) considers several examples of Cybersecurity Breaches Introduction The following examples illustrate how vulnerabilities, whether in operations, IT infrastructure, or third-party systems, can impact aviation safety, continuity, and reputation. British Airways Data Breach (2018) Type: Data Theft Impact: 500,000 customer records compromised Method: Injection of malicious code via third-party scripts on the website and mobile…

Sofema Aviation Services (SAS) considers key aspects related to the Information and Cyber Risk organisational exposure resulting from contracting activities To proactively manage cybersecurity risks through clear contractual arrangements, aviation organizations ensure they meet EASA requirements, mitigate risks, and contribute to overall aviation system security and safety. Organizations should: Review existing contracts for compliance gaps…

Sofema Aviation Services (SAS) considers key elements related to Cyber Security Compliance within an EASA Part 145 Organisation The introduction of Regulation (EU) 2023/203, mandates the integration of information security requirements into aviation safety management. For EASA Part 145 organizations, adopting robust information security practices demands a shift in how these organizations approach their operational, technical, and…

Sofema Aviation Services (SAS) www.sassofia.com considers the essential elements related to the effective delivery of organisational-wide SMS training program Introduction Creating a robust Safety Management System (SMS) training program is critical for any maintenance organization aiming to enhance safety and human factors awareness. As per AMC4 145.A.30(e) Personnel requirements and GM1 145.A.30(e), the program must ensure…