Print Сite this

Insider Threat in Civil Aviation


In the last several decades, aviation has experienced a significant number of challenges that arose because of its strategic importance for the modern world. As an integral part of the international discourse and relations, air transportation becomes the primary target for malefactors and terrorist groups trying to destabilise the situation and spread panic by introducing multiple security concerns and causing severe harm, including victims among the passengers and population. For this reason, there is a corresponding growth in the sphere of security to be able to resist all dangers and provide appropriate responses to emerging issues to guarantee safety to all individuals.

Our experts can deliver a customized essay
tailored to your instructions
for only $13.00 $11.05/page
308 qualified specialists online
Learn more

Unfortunately, there is a tendency towards a constant appearance of new threats to civil aviation and their diversification regarding the war against terrorism and its forms. Today, developed security systems are expected to eliminate the majority of existing loopholes and protect aviation from the outsider attacks. However, there are still multiple concerns that should be considered, and insider threat should be taken as the most dangerous of them because of the improved knowledge of prevention measures and how they can be avoided.


One of the factors preconditioning the high relevance of the given issue is the increased sophistication and effectiveness of existing security measures that are employed by civil aviation. The combined efforts of various regulatory agencies such as IATA and ICAO and the cooperation with governments contributed to the creation of a practical approach to managing all known hazards, minimising risks, and preventing terrorist acts (ICAO 2018).

The correct understanding of the nature of vulnerabilities, methods utilised by terrorists, and other problematic issues contributes to the creation of a knowledge base and framework that is used to design innovative security systems deprived of serious drawbacks and protected from outside attacks (Coles-Kemp & Theoharidou 2010). That is why malefactors look for new methods to bypass all countermeasures and damage civil aviation.

Under these conditions, an insider threat acquires the top priority as it is one of the possible ways to destroy barriers from inside and create new loopholes offering opportunities for attackers. The importance of the given problem is evidenced by the fact that it is recognised by the IATA and ICAO and other authorities that provide guidelines for the minimisation of these risks and the creation of appropriate strategies to resist them.

Current Security Systems

The existing security systems are centred around the necessity to resist attacks that come outside the aviation sector. It means that their effectiveness in dealing with external risks remains high due to the sufficient work of all its components and elements of the framework. However, the adherence to the given model means that a loophole or flaw can be created if some of its parts work inappropriately, or there is an intentional use of specific information to provide an opportunity for attack (Siao 2017).

The absence of a systemic approach to dealing with this sort of risk and responding to them can become one of the greatest problems for air travel as it leaves a chance for the destruction of any protection (Coles-Kemp & Theoharidou 2010). Moreover, the improved understanding of how modern systems work can contribute to the creation of new ways to minimise their effectiveness and damage critical areas (Siao 2017). That is why there is an essential need for addressing this question and its discussion.

On-Time Delivery! Get your 100% customized paper
done in
as little as 3 hours
Let`s start

Problem of Insiders

There are multiple approaches and definitions of the insider threat and its nature. In general, it can be described as the existence of one or a group of individuals who possess or have access to insider knowledge that can be used to exploit vulnerabilities of the current security systems with the primary goal to cause severe damage (Bean 2017). The given problem firstly appeared in the late 80s with the first attempts to sabotage aircraft and transformed into one of the growing concerns with the tendency to rapid self-radicalisation that is observed in many states today (Cole & Ring 2006).

One of the difficulties associated with this question is that there is a variety of forms that can be peculiar to insider threats, and there is a need to consider this diversity (Bean 2017). Malefactors can share data crucial for the effective work of the protection system, corrupt information systems, smuggle goods or people, outline all existing loopholes or enter terrorist groups to help them perform violent actions aimed at the destabilisation of the situation (Bean 2017). The broad scope of the issue shows the necessity for appropriate interventions to avoid the deterioration of the situation and help aviation to survive and resist attacks.

Associations with Terrorism

Another serious problem of insider threat is its association with terrorist groups. Because of the complexity of security systems mentioned above, and their effectiveness, malefactors change their tactics and start to analyse objects that are selected as the aim for new attacks. The data collection presupposes the use of their own agents who often work in airlines and have access to essential data that can be employed to find or create a loophole that can be later used for various purposes (Probst et al., 2010).

That is why IATA (2018) aims at the creation of increased awareness among companies, partners, and authorities about the insider threat to engage in cooperation and create a framework that can help to eliminate potentially problematic areas. Moreover, due to the diversification of methods used by insiders and the use of innovative technologies to corrupt the work of the sector, an appropriate change in the approach to cybersecurity should also be aligned to ensure the positive outcomes and guarantee the high level of protection to all stakeholders.

Types of Insiders and Misuse

The in-depth analysis of the problem also shows that there are various types of insiders, which is critical for the ability to introduce appropriate responses and eliminate a potential threat. Differences among this cohort include the physical and logical presence, as there can be malefactors working in different environments (Neman 2010). Moreover, there are various degrees of insiders regarding the level of their access, the information available to them, and their role in the company (Neman 2010).

In such a way, the ability to work with essential data portions or impact decision making creates the basis for the appearance of multiple chances to intervene with the work of systems and corrupt them (Neman 2010). Both categories of malefactors possess an opportunity to cause severe harm to the company and make it vulnerable to terrorist attacks. For example, a multi-level security system can be bypassed by using insider data available both for logically or physically present malefactors (Neman 2010). It means that there are no effective measures to resist attacks if the company disregards the given sort of threat and avoids additional security measures.

Additionally, there are different types of insider misuse, such as intentional and accidental ones. Although both these forms are dangerous for airlines, more attention should be given to the first one as it poses a serious threat to existing security systems. The occurrence of accidental insider threats can be explained by the human factor and mistakes that can be found in the work of any specialist because of such factors as tiredness, low motivation, stress (Neman 2010). However, the intentional insider misuse indicates the existence of the desire to cause serious harm to the company or passengers either by providing information to third parties or by using it on his/her own (Neman 2010).

We’ll deliver a custom paper tailored to your requirements.
Cut 15% off your first order
Use discount

In some cases, it can be hidden or concealed by emphasising its accidental nature, which can help to reveal existing vulnerabilities and how companies cope with them to find the most effective way to use the current loopholes. In such a way, the significance of the given problem comes from its scope, the existence of various forms, and challenges in detecting the source of maleficent actions if it comes from employees who possess critical information or access to it.

IATA’s Recommendations

That is why, similar to USTSA, IATA also considers insiders one of the greatest threats to modern aviation. The agency emphasises the fact that the productive and successful work of any security system is possible only if all vulnerabilities are considered, including internal and external ones (IATA 2018). For this reason, IATA cooperates with international companies, airlines, and governances to create guidelines that can be offered to all actors in the civil aviation sector to minimise possible threat and eliminate loopholes that can be used by malefactors. The current objectives offered by IATA to create an insider risk-based approach presuppose:

  • Provide assistance in developing the paradigm to all member airlines
  • Provide guidance on the proactive approach to address this sort of threats (IATA 2018)

These are the core activities that should be given specific attention to ensure that there is a framework characterised by the decreased risk of insider threat. Moreover, IATA also introduces the basic principles that should be taken into account when establishing a framework for the effective management of the problem. They include

  • Focus on security outcomes
  • Devoted attention on security measures under the influence of the operator
  • Outline all current operator responsibilities
  • Implement the insider risk management in the security system
  • Offer a unified approach, strategy, roadmap, and methods to improve the system’s resilience against emerging threats (IATA 2018).

The observation of the given principles is a fundamental demand for the modern security system, which is also focused on the consideration of various forms of insider threat and maleficent actions that can be performed by workers of companies with the purpose of deteriorating the work of the framework.

Policy for Insider Risk Management

The policy for the sufficient work with this sort of risk and mitigation of its negative impact on the aviation sector presupposes that the primary source for the appearance of the given threat should be eliminated. In other words, the more productive work with staff should become one of the most important activities of recruiting specialists (IATA 2018). Moreover, there is a need for the reconsideration of security systems with the primary goal to introduce measures that will help to determine any potentially dangerous activity performed by employees and report it.

Additionally, IATA (2018) acknowledges the significance of additional training for specialists responsible for the monitoring of the work of security systems for them to be able to work both with insider and traditional threats, recognised vulnerabilities, and provide appropriate responses. Under these conditions, the need for these elements shows the demand for the multi-layered protection system and approach to mitigate the risk of maleficent actions performed by workers who have access to essential data portions. The complexity of the proposed structure also proves the great scope of the discussed problem and the need for its consideration to achieve positive outcomes.

Pre-Employment Interventions

One of the fundamentals of the policy dealing with the insider threat is the introduction of effective employment practices. As it has already been stated, today, there is a practice presupposing the use of individuals who start working for airlines with the primary goal of acquiring access to critically important information and then give it to third parties or use to create loopholes (IATA 2018). One of the potential solutions to this problem is the prevention of the recruitment of a person who cannot provide information about his/her background or cannot meet the operator’s requirements (IATA 2018).

This data includes travel history, criminal records, employment history, identification profile, and financial status (IATA 2018). Consideration of these factors is critical when hiring a new worker with access to important elements of a security system as it helps to minimise the change of poor outcomes.

For only $13.00 $11.05/page
you can get a custom-written
academic paper
according to your instructions
Learn more

Moreover, the requirements should differ depending on the level of risk that a person’s role might presuppose, his/her access to areas, decision-making activities, and strategical planning (IATA 2018). For this reason, comprehensive recruitment might also include cooperation with the governmental agencies to collect information about a person, his/her past, and general reliability (IATA 2018). This approach becomes one of the practical methods to minimise insider threat and guarantee that only loyal and skilled workers are hired.

Spot and Stop Measures

IATA also recommends to devote more attention to the development of measures that can be used by specialists to identify an insider at the first stages and prevent him/her from doing harm to airlines. For this reason, there are two useful options:

  • SPOT measures. The strategy that presupposes the identification of behaviours, actions, or activities that can be potentially dangerous, or discovery of changes or suspicious behaviours that might help to find an insider and isolate him/her (IATA 2018).
  • STOP measures. The method focused on the prevention of undesired or dangerous actions via the determent of an insider from exploiting his/her role for unauthorised processes (IATA 2018).

The effectiveness of these approaches rests on the idea that any person might become an insider because of the changing circumstances or new factors impacting his/her life. Personal crises, the need for money, or other motifs can be used by the third parties to recruit a specialist and acquire access to protected data or areas.

That is why for security specialists or managers, it is critical to monitor employees’ behaviours and note any changes that occur. IATA (2018) offers the most common factors that might cause personal problems such as financial difficulties, pressure from peers, family issues, and perceptions of unfairness at work. These factors can be used to identify an insider by management and personnel via the supervision and teamwork. In collectives with the high level of cooperation, the risk of insider threat is much lower if to compare with other groups (IATA 2018). For this reason, SPOT practice can be an effective measure to deal with the outlined problem.

The STOP measures can be employed to support SPOT methods to prevent the development of a critical situation. It rests on the effectiveness of reporting practice and if it can be used for whistleblowing on strange behaviour or unusual moods. The combination of these two measures can help to prevent malefactors from causing harm to the company and avoid the emergence of vulnerabilities, which is one of the main goals of any security system.

Awareness of the Staff

The complexity of the current challenges presupposes that the most effective response can be achieved only by the collaborative effort of all actors engaged in the process. For this reason, the involvement of staff members in activities to resist insider threat is essential for the creation of a safe environment. The awareness of the existing problem among the senior management and the collective help them to acquire models of behaviour, skills, and competencies required to detect any suspicious activity and report it to ensure that the security system remains protected (IATA 2018).

For teams working in airports or airlines, attentiveness for the environment and changes is fundamental against the insider threat as it contributes to the appearance of another protection level. That is why managers should focus on the knowledge generation related to the issue via the provision of demanded training for staff members who play key roles in the existing environment (IATA 2018). Their ability to determine problematic areas, note changes in colleagues’ moods and behaviours, and communicate should become an integral element of the contemporary security culture.

Granted Access

Another possible way to solve the problem of insider threat and minimise the risk of incidents is the reconsideration of the approach to granting access to workers. At the moment, the work of any airline company presupposes the existence of a high number of employees who have an opportunity to interfere with some essential processes or process data that is vital for the effective work of security systems. From one hand, it helps the company to spend less time and function faster by involving numerous persons in all processes; however, from another, it creates the basis for the emergence of loopholes in security systems and possible incidents.

The practice of granted access is one of the strategies offered by IATA (2018) to minimise the risk of insider threat. Only experienced workers who are examined for their loyalty to a company and have an appropriate background should be provided with access to core elements of security systems. It will help to improve the current situation and protect airlines from attacks.


Finally, all international agencies working in the sphere of aviation and creating guidelines for the effective work of the sector consider training a core component of the modern response to insider threat. As stated above, the creation of specific awareness helps to avoid misunderstandings and engage employees in struggling against the insider threat. At the same time, there are different levels of training that should be offered to managers and operators regarding of the position they hold and their role in the work of the security system (IATA 2018). The provision of knowledge about how modern approaches function can help them to recognise the significance of the issue and become elements of a certain proactive method detecting any alterations and providing the in-time response.

For this reason, there is a critical need for special courses aimed at the explanation of the existing risks and ways to manage them. It will be an effective measure to struggle against the insider threat and cooperate to attain improved outcomes.


Dealing with the outlined problem, it is also critical to provide the in-time and appropriate response that will help to find the vulnerability in a security system and eliminate it. That is why IATA (2018) recommends immediate and robust reactions created in accordance with relevant safety and security standards. Because of the existence of multiple scenarios and options, at the very first stages of the possibility of non-intentional infringement of rules should be accepted. However, there is still some level of concern and risk, which means that measures should be applied when the first signs of any possible intervention are detected (IATA 2018).

The response should include the determination of the primary reason for the appearance of a risk and if it should be addressed (IATA 2018). The results of these investigations should be used to inform an employee responsible for the emergence of a problem and select an appropriate punishment which might include termination of employment and even a trial (IATA 2018).

The existence of the given response practice is vital for operators to realise the fact that there is an effective system that will detect their inappropriate actions and all pieces of evidence of a criminal offence will be collected and reported to special authorities. This cooperation is another essential part of the response to insider threat as it helps to investigate all similar cases, find common motifs or organisations that might be responsible for hiring employees with the goal to organise acts of terror or introduce instability and chaos by damaging aircraft.


Altogether, insider threat remains one of the most significant threats to the modern civil aviation sphere. The existing security systems are focused on the effective management and mitigation of risks that come outside airlines, which means that they remain extremely vulnerable to maleficent actions performed by employees and resulting in the appearance of loopholes. The central risk is that these drawbacks in protection can be used by the third parties or terrorist groups with the primary goal to cause severe damage to airlines and passengers. For this reason, organisations such as ICAO and IATA provide their guidelines to address this problem and minimise risks associated with the insider threat.

These recommendations presuppose enhanced recruiting techniques, special staff checks, and an increase in the awareness levels to guarantee the early discovery of a potential threat. Unfortunately, the risk of insider threat is still high and remains one of the fundamental problems of modern aviation and should be considered when designing sufficient security systems.

Reference List

Bean, B 2017, Mitigating insider threats in the domestic aviation system: policy options for the Transportation Security Administration, Master’s thesis, Naval Postgraduate School. Web.

Cole, E & Ring, S 2006, Insider threat: protecting the enterprise from sabotage, spying, and theft, Syngress Publishing, Inc., Rockland, MA.

Coles-Kemp, L & Theoharidou, M 2010, ‘Insider threat and information security management’, in C Probst, J Hunker, D Gollmann & M Bishop (eds), Insider threats in cybersecurity, Springer, London, pp. 45-70.

International Air Transport Association (IATA) 2018, Insider threat in civil aviation. Web.

International Civil Aviation Organization (ICAO) 2018, Insider threat awareness. Web.

Neman, P 2010, ‘Combatting insider threats’, in C Probst, J Hunker, D Gollmann & M Bishop (eds), Insider threats in cybersecurity, Springer, London, pp. 17-45.

Probst, C, Hunker, J, Gollmann, D & Bishop, M 2010, ‘Aspects of insider threats’, in C Probst, J Hunker, D Gollmann & M Bishop (eds), Insider threats in cybersecurity, Springer, London, pp. 1-17.

Siao, D 2017, The aviation insider threat: An assessment of vulnerabilities and countermeasures. Web.

Cite this paper

Select style


StudyCorgi. (2021, July 30). Insider Threat in Civil Aviation. Retrieved from


StudyCorgi. (2021, July 30). Insider Threat in Civil Aviation.

Work Cited

"Insider Threat in Civil Aviation." StudyCorgi, 30 July 2021,

* Hyperlink the URL after pasting it to your document

1. StudyCorgi. "Insider Threat in Civil Aviation." July 30, 2021.


StudyCorgi. "Insider Threat in Civil Aviation." July 30, 2021.


StudyCorgi. 2021. "Insider Threat in Civil Aviation." July 30, 2021.


StudyCorgi. (2021) 'Insider Threat in Civil Aviation'. 30 July.

This paper was written and submitted to our database by a student to assist your with your own studies. You are free to use it to write your own assignment, however you must reference it properly.

If you are the original creator of this paper and no longer wish to have it published on StudyCorgi, request the removal.