Aviation Cybersecurity Governance: Towards an Operational
Framework and Solutions Agenda for the Airport Domain

Metin, Bilgin; Dümer, Hasan Burak; Wynn, Martin G

You are here : University of Gloucestershire > Research > Research Repository

Aviation Cybersecurity Governance: Towards an Operational Framework and Solutions Agenda for the Airport Domain

Tools

Metin, Bilgin, Dümer, Hasan Burak and Wynn, Martin G ORCID: https://orcid.org/0000-0001-7619-6079 (2026) Aviation Cybersecurity Governance: Towards an Operational Framework and Solutions Agenda for the Airport Domain. Information, 17 (2). pp. 1-28. doi:doi.org/10.3390/info17020177

[thumbnail of 15833 Metin, B et al (2026) Aviation Cybersecurity Governance - Towards an Operational Framework and Solutions Agenda for the Airport Domain.pdf]

Preview

Text
15833 Metin, B et al (2026) Aviation Cybersecurity Governance - Towards an Operational Framework and Solutions Agenda for the Airport Domain.pdf - Published Version
Available under License Creative Commons Attribution 4.0.
Download (2MB) | Preview

Official URL: https://doi.org/10.3390/info17020177

Abstract

In an era where digital transformation shapes the backbone of global aviation infrastructure, the cybersecurity of air transport systems is of paramount importance. This article assesses the complex cybersecurity landscape within the civil aviation ecosystem, with a specific focus on the airport domain. The study first maps the vulnerabilities undermining airport operations by synthesizing secondary sources and industry reports (2015–2025) into a provisional conceptual framework (PCF). Then, this framework was operationalized and validated through primary research involving in-depth interviews with ten senior industry practitioners. These practitioner insights inform a comprehensive solutions agenda and an operational governance framework based on Governance, Risk, and Compliance (GRC) principles. By adopting a multifaceted Technology–People–Organization approach, the presented cybersecurity governance framework can ensure safe and sustainable airport operations through a continuous identify–implement–monitor improvement cycle. The findings provide both theoretical depth and practical relevance for airport operators and researchers aiming to fortify the aviation ecosystem against evolving digital threats.

Item Type:	Article
Article Type:	Article
Uncontrolled Keywords:	Aviation; Cybersecurity; Governance risk compliance; GRC; Airline operators; Airport domain; Vulnerabilities; GRC Framework; Human factors; Cybersecurity governance
Related URLs:	Publisher
Subjects:	Q Science > QA Mathematics > QA75 Electronic computers. Computer science Q Science > QA Mathematics > QA75 Electronic computers. Computer science > QA76.585 Cloud computing
Divisions:	Schools and Research Institutes > School of Business, Computing and Social Sciences
Depositing User:	Martin Wynn
Date Deposited:	11 Feb 2026 10:13
Last Modified:	11 Feb 2026 10:30
URI:	https://eprints.glos.ac.uk/id/eprint/15833

University Staff: Request a correction | Repository Editors: Update this record

CORE (COnnecting REpositories)

University Of Gloucestershire

Find Us On Social Media:

Other University Web Sites

Staffnet (Staff Only)

University of Gloucestershire, The Park, Cheltenham, Gloucestershire, GL50 2RH. Telephone +44 (0)844 8010001.

© UoG 2008-24
Knowledge Base
Accessibility
Privacy and Cookies
Disclaimer
Comments concerning this page to Webmaster