The item below is from earlier this year — but we don't want planes falling out of the sky or having trouble in control centers with not knowing where planes are in their flight patterns. There is no "one and done" with cybersecurity.
DOT Watchdog Calls on FAA to Step Up on Cybersecurity
— March 25, 2019, 10:36 AM
Delays in implementing cybersecurity tools are inhibiting the FAA from remaining up-to-date on its efforts to fully identify and mitigate vulnerabilities, according to a new report from the Department of Transportation’s Office of Inspector General (OIG). At the request of U.S. House Transportation and Infrastructure Committee leaders, the OIG examined the FAA’s progress in meeting cybersecurity enhancements that Congress mandated in the FAA Extension, Safety, and Security Act adopted in 2016.
The OIG found that the FAA has taken significant steps in enhancing security. As required by Congress, the FAA completed a cybersecurity strategic plan, coordinated with other agencies to identify vulnerabilities, and developed a threat model and research and development plan, the OIG said.