In this latest in a series of posts about technology and aviation, Oleksandr Plyska, vice president at Sigma Software Group, says protecting data is a key trust issue

In our previous article, we explored how legacy technology continues to hold the aviation industry back, from outdated systems causing costly downtime to failed digital upgrades due to poor integration.

We also looked at how airlines can overcome these barriers through smart modernisation strategies, from middleware to cloud migration, and by fostering a culture of innovation.

In this next piece, we turn our attention to another critical challenge facing aviation’s digital future: cybersecurity.

As aviation becomes more digital, it also becomes more vulnerable. Cyberattacks in aviation rose 131% from 2022 to 2023, with ransomware incidents surging 600% year-over-year.

Hackers are targeting everything from personal passenger data to critical flight infrastructure.

And while the industry is well-versed in managing physical safety risks, cybersecurity presents a new, fast-moving battlefield that demands constant attention and evolution.

The most pressing challenges today include:

• Legacy tech stacks with outdated security models;
• Complex global supply chains with inconsistent security standards;
• Human error, still the most exploited vulnerability;
• The balancing act between using data to improve service and protecting it from exposure.

At Sigma Software, we take this seriously. We bake security into every stage of development.

From secure coding practices and DevSecOps pipelines to regular penetration testing and compliance audits — we’re aligned with OWASP Top 10 to make sure vulnerabilities don’t slip through the cracks.

Across the aviation industry, we’re seeing a stronger, more unified response to these risks. That includes:

• End-to-end encryption to protect sensitive data in transit and at rest;
• Multi-factor authentication (MFA) — not just for employees but also for frequent flyer portals and mobile apps;
• AI-powered threat detection systems that monitor anomalies in real time, catching threats before they escalate;
• Routine security audits and mandatory cybersecurity training, to ensure that frontline staff, IT, and even contractors stay vigilant against phishing and social engineering.

But let’s be clear: cybersecurity isn’t just a tech issue, it’s a trust issue. And that means data privacy matters more than ever.

Airlines collect a lot of passenger data, and that data is valuable, not just to hackers, but to service teams who want to make flying a better experience.

So how do we use that data responsibly? Here’s how:

• Data anonymisation: Strip away personal identifiers while keeping the patterns that help optimise routes, personalise offers, or manage in-flight stock.
• Clear, transparent policies: Let passengers know exactly what’s being collected, how it’s used, and give them the power to opt in or out.
• Data minimisation: Don’t collect what you don’t need. Less data stored means less risk when breaches happen — and yes, they will happen.

This is the new aviation reality. We’re not just building planes and platforms anymore, we’re building trust, securing digital journeys, and proving that data can be both powerful and protected.

Cybersecurity isn’t optional – it’s operational.

In our final chapter, we’ll dive into the top three tech trends set to disrupt aviation by 2030. It’s the boldest look ahead yet, and you won’t want to miss it.