FAA Has Made Progress but Additional Actions Remain to Implement Congressionally Mandated Cyber Initiatives [open pdf - 539KB]
"FAA [Federal Aviation Administration] manages air traffic control operations through a complex network of information systems and air traffic control facilities. Cyber-based threats are rapidly evolving and could threaten the connectivity of this complex aviation infrastructure. In 2016, Congress passed the FAA Extension, Safety, and Security Act. Section 2111 of the act establishes requirements for FAA to enhance cybersecurity. The Chairmen and Ranking Members of the House Committee on Transportation and Infrastructure and the Subcommittee on Aviation requested that we assess FAA's progress in addressing section 2111's requirements."
Report No. AV2019021
U.S. Department of Transportation Office of Inspector General: https://www.oig.dot.gov/