Case Study: How Fraport Twin Star Airport Management achieved compliance for important national standard

Oct 19, 2021 | Case Studies | 0 comments

“Fraport Twin Star Airport Management” AD is the German-Bulgarian concessionaire of Burgas Airport and Varna Airport, 60% owned by the global airport operator Fraport AG and 40% held by “Airport Services Bulgaria“. Since 2006, the company manages and develops both Black Sea airports under a 35-year concession granted by the Bulgarian State.

One of the values of the company is its constant striving for perfection. The company always sets new high goals to be achieved. That same principle was applied in the field of cybersecurity as well when “Fraport Twin Star Airport Management” had to meet the national regulatory requirement for network and information security. 

For companies in this sector, it is very crucial to be up to date with their cybersecurity measures. A report about airport cybersecurity by cites the European Aviation Safety Agency (EASA) and outlines that around 1,000 cyberattacks on aviation systems are being done on a monthly basis. 

Fraport’s Challenge

“Fraport Twin Star Airport Management” AD had to review the state and current level of security of IT systems and equipment deemed highly critical for national security and the company’s business. For this purpose, the organization needed experienced cybersecurity experts to execute regular advanced vulnerability scans and checks.

There were several main things that the company wanted to address: 

  • Cover national cybersecurity regulations;
  • Spot corporate cyber risk exposure;
  • Identify and implement remediation activities. 
  • Regular C-level reporting

The airport operator first turned to 3Cyber-Sec in the middle of October 2020. The reason was the legislative and regulatory requirements that they had to cover by the end of the same year. The airport management consortium had to cover and report status concerning the requirements of the national regulation for minimum requirements in relation to network and information security. And this needed to be done in around two months. 

3Cyber-Sec’s Solution 

The managerial team of “Fraport Twin Star Airport Management” AD chose to work with 3Cyber-Sec because of the good reputation of the company and its expert team. They relied on the fact that the cybersecurity experts can deliver a high-quality solution in a short time that is tailor-made to the needs, themes, and problems that “Fraport” had. And this is exactly what happened. 

The airport management consortium contacted 3Cyber-Sec to present a solution for Vulnerability Management Services. This involved the vulnerability management services on a regular basis, along with monthly security screening, reports, and analysis of the problems and issues in the cybersecurity of the company. “Fraport” had some catching up to do, especially in the area of internal cybersecurity infrastructure. Something they hadn’t looked into that much detail until they hired 3Cyber-Sec. 

“„3Cyber-Sec” provided professional, timely, and comprehensive services that were highly appreciated by our IT team. As a result of our joint efforts, we were able to successfully address the national “Regulation on the minimum requirements for network and information security” and gain full visibility of the corporate cyber risk exposure.” – the team of “Fraport Twin Star Airport Management” AD.

The work plan was presented, discussed with, and approved by the client. The first thing that the team of 3Cyber-Sec did was to identify together with the staff of “Fraport” each key business services that corresponded to the infrastructure components that were going to be monitored regularly. 

After that, the expert team of 3Cyber-Sec developed a plan for the screening of the different services and prepared cybersecurity reports based on the business needs of the clients. From the data gathered during the screening process, the team created both technical and C-level reports for each service that “Fraport Twin Star Airport Management” AD offers and their infrastructure. All of this was and the main findings were finally wrapped up in a C-level presentation about the cybersecurity state of the company that was presented to the client. 

“We found 3Cyber-Sec’s team to be extremely responsive, attentive, and highly experienced, with in-depth knowledge in the vulnerability management area. ”3Cyber-Sec” reports empowered us to spend less time on identifying remediation activities and focus on remediation itself. Working with 3Cyber-Sec was the best choice we could have made.” – the team of “Fraport Twin Star Airport Management” AD.

The Outcome

3Cyber-Sec managed to provide visibility to the vulnerabilities in cybersecurity that “Fraport Twin Star Airport Management” AD was not aware of and managed to help the client cover the requirements of the regulation and achieve compliance. The joint efforts and the fact that the team of “Fraport” was very cooperative helped the cybersecurity expert team deliver the service in a shorter time.

Without the help of 3Cyber-Sec, “Fraport Twin Star Airport Management” AD was going to delay their compliance with the requirements of the regulation. They probably wouldn’t be aware of the risks and vulnerabilities they had in cybersecurity.

“Based on our positive experience, “Fraport Twin Star Airport Management” AD acknowledges “3Cyber-Sec” as a trusted partner in the field of information infrastructure vulnerability testing. Our company would not hesitate to engage “3Cyber-Sec” again for future projects.”. 

If you also need help in achieving compliance or you want to find out what are the potential vulnerabilities in your cybersecurity defenses, contact us for a free consultation now. We are a boutique cybersecurity company and are always ready to answer the specific needs of each of our clients with tailored cybersecurity solutions. 

Get Instant Access to Cybersecurity News & Advice