Protecting critical national infrastructure
Scandinavian Airlines – commonly known as SAS – is one of the world’s largest airlines. Headquartered in Sweden, the business carries more than 28 million passengers a year who trust it implicitly with all their personal data. It has four million loyalty members and operates in 34 countries. It is a critical piece of Scandinavia’s transport infrastructure. The modern business is global, digital – and a highly attractive target to cybercriminals.
Digitizing an integrated workflow
Almost everything about the modern airline business is digital: the ticketing, meal planning, navigation systems, safety process. Digital touchpoints help make for a slick, seamless, global operation. SAS needs integration with logistics, financial payments, regulators, and more, to create an operational ecosystem. With data comes data risk. Airlines are a prime target for cybercriminals, whether they are looking to steal air miles or customers’ financial data, disrupting operations, or holding the business to ransom. Passengers are placing significant trust in their airline.
Taking control and building visibility
Historically, SAS had outsourced much of its IT function. This decision delivered efficiency savings; the challenge for SAS was to strengthen the control and insight needed to navigate an increasingly digital business. By bringing certain management functionality in-house it would be better able to “drive its own destiny”, according to Thomas Widen, Head of Cyber Security and Compliance at SAS: “Safety has always been a priority for airlines. Today, that includes cyber security.” SAS’ main priority is keeping its passengers and their data safe.