Airports Council International (ACI) World and Amadeus today announced the winners of the 2025 Technology Innovation Awards, recognizing the world’s most innovative airports. This year’s winners spotlight measurable advances in digital transformation, data-driven operations, identity-enabled self-service, and sustainable, climate-smart terminals.
Air travel will reach 9.8 billion passengers in 2025 (+3.7% YoY), with demand projected to rise to 17.2 billion by 2043. Airport technology and innovation are essential to unlock capacity, improve the passenger experience, and build operational resilience while advancing sustainability.
Winners of the Technology Innovation Awards 2025:
Best Innovation in Airport Passenger Related Processes: The Future Checked In: Biometric Enabled Self Baggage Drop at Kempegowda International Airport.
Best Innovation in Airport Operations and Installations Management: Smart Cleaning System: Redefining Facility Management through Innovation at Queen Alia International Airport.
Best Airport Innovation Leader (Individual): Pablo Lopez Loeches, head of ideation and entrepreneurship at Aena.
Best Innovation: Airport on the Rise (5 million passengers or less): Bioclimatic Airport Building at Roland Garros Airport.
“The 2025 Technology Innovation Awards winners are about successful innovation implementation — solutions that run every day, in real airports, under real pressure,” said Justin Erbacci, ACI World director general. “This year’s winners spotlight measurable advances in digital transformation, data-driven operations, identity-enabled self-service, and sustainable, climate-smart terminals. These are the types of innovations airports need now, meeting today’s passenger expectations while keeping pace with rapid growth in air travel.”
Aadeus EVP AirOps said Rudy Daniello said: “Many congratulations to this year’s airports recognized in the Technology Innovation Awards, from all of us at Amadeus. Our industry stands on the cusp of huge change as airports across the world digitally transform to offer a seamless travel experience. Now mature technologies like digital identity and biometrics are proven to drastically improve the experience of travel the door is open to even greater levels of innovation across the sector. The initiatives underlined how airports can work closely with their airline and government partners to ensure these transformative technologies are applied in a coordinated and integrated manner that delivers outstanding new passenger experiences while boosting overall capacity.”
The announcement was made at the Airports Innovate Gala Dinner. The event is curated as a premier global gathering that showcases the innovations transforming the future of airport travel. The conference is jointly organized by ACI Asia-Pacific & Middle East, ACI EUROPE and ACI World, and this year it is hosted by Korea Airports Corporation.
Aruba Airport Authority (AAA), in partnership with U.S. Customs and Border Protection (CBP) and iProov, has gone live with Enhanced Passenger Processing (EPP) at Aruba’s U.S. Pre-Clearance facility. After completing hardware installation earlier this week, CBP began processing U.S. citizens using EPP on Tuesday.
EPP brings a modern, biometric departure experience designed to make the Pre-Clearance process faster, smoother, and more efficient. Already in use at airports such as Orlando International Airport (MCO) and Dublin Airport, EPP securely verifies traveler identity in seconds, reducing wait times and creating a more seamless flow for departing U.S. citizens returning home.
Through a brief facial biometric scan, EPP matches a traveler to their passport biometric credentials and CBP’s Traveler Verification Service (TVS), eliminating the need to present a physical passport unless additional review is required.
Key benefits include:
Quick biometric verification matching a traveler’s face to their passport in seconds
Group-friendly processing, accommodating families and children.
Brief interaction with a CBP officer, followed by direct access to the departure gate.
Reduced queue times, giving passengers more time to enjoy their final moments in Aruba.
EPP requires no application and is automatically available to U.S. citizens departing Aruba.
“The introduction of Enhanced Passenger Processing is a timely and important milestone, helping us deliver a smoother and more efficient departure experience for U.S.-bound travelers, especially as we navigate the construction phases of our Gateway 2030 expansion,” said Jurgen Benschop, chief operations officer at Aruba Airport Authority N.V. “Together with our partners, we remain committed to innovation and service excellence, and we appreciate our passengers’ patience as we continue building a more modern and efficient airport for the future.
“We are pleased to bring Enhanced Passenger Processing to Aruba,” said Wendell A. Roberts, port director, CBP Aruba Pre-Clearance. “The technology strengthens security while offering a modernized, expedited departure experience for U.S. citizens returning home.”
“We are delighted to partner with Aruba Airport Authority and CBP to bring EPP to Aruba’s U.S. Preclearance site,” said Andrew Bud, founder and CEO, iProov. “This deployment improves operational efficiency and ensures a fast and relaxed border entry into the United States.” allowing departing U.S. visitors, including families and those requiring assistance, more time to enjoy the beautiful island.”
With the majority of Aruba’s visitors originating from the United States, the launch of EPP marks an important step in elevating the overall travel exp operational efficiency at the airport. By streamlining the Pre-Clearance process and reducing wait times, EPP helps create a smoother journey for departing U.S. travelers. This enhanced flow improves the passenger experience and supports our continued efforts to optimize airport operations during peak travel periods.
Smiths Detection has enabled the successful launch of an automated International Remote Baggage Screening System (IRBS), setting a new global standard for cross-border aviation security and passenger processing between South Korea and the United States.
This achievement is led by Incheon International Airport Corporation (IIAC), which continues to set the global benchmark for innovation, digital transformation, and operational excellence in aviation. By pioneering the implementation of IRBS, Incheon has positioned itself not only as one of the world’s best airports, but as the world’s reference site for next-generation international aviation security.
Under the new IRBS model, the checked baggage of passengers departing from or connecting through Incheon International Airport (IIA) Terminal 2 is screened remotely by U.S. Customs and Border Protection (CBP) before landing in the United States. Once cleared, baggage is transferred directly to its destination, eliminating the traditional reclaim-and-recheck process at the first U.S. arrival airport, a breakthrough for International-to-Domestic (I2D) connections.
This removes a critical bottleneck, reduces connection times by up to 20 minutes, and enhances both passenger experience and airport efficiency. While the system currently applies only to the Atlanta route, IRBS-enabled routes will expand to Minneapolis, Seattle, Los Angeles and Detroit.
Looking ahead, Smiths Detection stands ready to support IIAC’s continued innovation with the next-generation SDX 10080 SCT, the strategic successor to the 10080 XCT. Designed to be future-ready, the SDX 10080 SCT delivers enhanced image quality, improved efficiency, reduced energy consumption, and compliance with evolving global regulatory standards. Its seamless upgrade path ensures that Incheon can continue its modernization journey with minimal disruption as passenger volumes and regulatory demands evolve.
Indonesia’s Directorate General of Immigration has become the first authority in the world to introduce biometric corridors at scale with new biometrics on-the-move technology.
This brand-new innovation from Amadeus uses AI-enabled biometrics to validate passenger identities “in motion” through wide corridors, rather than stopping to manually present documents to a border guard or at a counter. This technology transforms immigration from a slow process characterized by queues into a fast, smooth and seamless experience.
As part of the “All Indonesia” initiative, a major government-led digital transformation aimed at streamlining the entry process for international travelers, Indonesia’s immigration authority has deployed two biometric corridors at Jakarta airport and a third at Surabaya. Leveraging its inclusive design and capabilities, the corridors will initially be used for elderly and disabled travelers, to support Indonesia’s vision to embrace transformational technology for everyone. Future applications are envisaged for all passengers across the country’s entire airport infrastructure.
Travelers requiring special assistance can enroll to use the new biometric corridors within the “All Indonesia” app that brings together immigration, customs, health and quarantine declarations into one simple digital experience.
Travelers can share their passport details from the comfort of their home, which allows the immigration service to perform background checks before the traveler arrives at the airport. At immigration, travelers can pass through the dedicated corridor, which scans their face and matches it with the photo on file to accurately confirm their identity as they cross the border.
Prior to being deployed for elderly and disabled passengers, the biometric corridors were used to facilitate the arrival of Hajj pilgrims. Indonesia has the largest quota of Hajj pilgrims of any country in the world with an estimated 220,000 people traveling between Indonesia and Saudi Arabia this year to observe the pilgrimage.
During the pilgrimage, each biometric corridor facilitated 30+ border crossings per minute at peak times, providing a more than ten-fold increase in border-crossing capacity compared to today’s biometric eGates. In total, more than 50,000 Hajj pilgrims were processed using the new biometrics-on-the-move technology.The Seamless Corridor has been deployed to the Indonesian airports in a collaboration between Amadeus and Sinergi Teknoglobal Perkasa.
“Our collaboration with Immigration Department has been a true example of partnership in action,” said Andi Syach, CEO of PT. Sinergi Teknoglobal Perkasa. “By combining global expertise with local innovation, we are not only delivering world-class border solutions but also empowering Indonesia teams through technology transfer and capability building. This close cooperation ensures that the solutions deployed today will continue to evolve and serve the nation’s long-term vision for smart, secure, and seamless travel.”
Rudy Daniello, executive vice president, AirOps, Amadeus said: “The Seamless Corridor is the ‘jewel in the crown’ of our end-to-end portfolio for seamless travel, helping to remove friction and queues at the border. In combination with innovations in digital identity and biometrics at key airport service points, it’s finally possible for airlines, airports and governments to provide a truly seamless, secure experience, free from document checks, queues and barriers.”
For immigration officers and airport staff, the solution reduces pressure during peak periods allowing them to focus on supporting travelers who need assistance, rather than managing bottlenecks or repetitive identity checks. The three Amadeus Seamless Corridors are already fully operational at two of Indonesia’s international airports and support the existing 243 automated border control gates in helping the country’s border authority to be at the forefront of immigration management.
Drone incursions are becoming an increasingly serious problem for the world’s airports. In the United States alone, “The FAA receives more than 100 such reports near airports each month,”said the FAA’s Drone Sightings Near Airports webpage: www.faa.gov/uas/resources/public_records/uas_sightings_report.
Even in their most benign form, drone incursions represent a serious collision risk for aircraft using airports. This is why the push for “counter-drone” solutions is gaining traction in the aviation world — to neutralize (if possible) the threats posed by drones in these airspaces.
So how serious is the current airport incursion situation, why is it happening, and what can be done to counter it? To find out, TSI magazine has brought together three experts in a virtual roundtable discussion.
Michael Hiatt, Epirus
Mark Freeman is the director of customer accounts at QinetiQ Target Systems Canada, a maker of defense and security solutions. “While our primary focus at QinetiQ Target Systems Canada is on maritime and aerial uncrewed platforms for test and evaluation, we work closely with QinetiQ Group’s broader capabilities in counter-drone technologies,” he told TSI. “These include advanced detection, tracking, and mitigation systems designed to protect critical infrastructure and operational environments from evolving drone threats.”
Michael Hiatt, Epirus
Michael Hiatt is chief technology officer at Epirus. Its Leonidas high-power microwave platform is a software-defined, scalable counter-drone solution. “The platform delivers a weaponized electromagnetic interference effect to induce a full kill within a drone’s critical onboard electronics rather than relying on kinetic destruction or RF disruption,” said Hiatt. “This weaponized electromagnetic interference capability means Leonidas is effective where other counter-UAS solutions fall short — particularly against fiber-optic controlled UAS and large swarms.”
Jeffrey Starr, D-Fend Solutions
Jeffrey Starr is chief marketing officer at D-Fend Solutions. It offers RF-cyber counter-drone solutions, specifically designed for sensitive and challenging environments. “Our flagship technology, EnforceAir, moves beyond the ‘brute force’ methods of the past,” Starr said. “Instead of relying on jamming or kinetic projectiles, the technology utilizes radio frequency (RF) cyber technology to detect, locate, and identify rogue drones by analyzing their unique attributes. Crucially, the systems, when allowed by regulations and performed by authorized personnel, can take control of a hostile drone and guide it to a safe landing in a predetermined zone, ensuring continuity and safety.” EnforceAir RF-cyber technology is already protecting critical infrastructure, airports, military facilities, and major events worldwide.
TSI: Just how serious a threat are drones to airports today?
Michael Hiatt: Incredibly serious. The drone threat is not hypothetical — UAS [uncrewed aerial systems] represent a real operational risk to airport security and operational continuity. A single small drone can halt departures, delay arrivals and cause delays that ripple across the entire airspace system.
It only takes one drone to disrupt an entire airport. In September 2025, Copenhagen Airport, the busiest in the Nordic region, halted all takeoffs and landings for nearly four hours after drones were spotted in controlled airspace, grounding flights and diverting traffic while authorities investigated. Frankly, I feel that we’re lucky there hasn’t been an accidental strike resulting in serious loss of life.
Mark Freeman: Drones pose a significant and growing risk to airport operations. Even small consumer drones can disrupt flight schedules, create safety hazards, and cause costly delays. A well-known example occurred at Gatwick Airport in 2018, where drone sightings led to the suspension of flights for over 36 hours, affecting 140,000 passengers and costing millions. This incident highlighted how even unsophisticated drone incursions can have outsized impacts on aviation security.
Jeffrey Starr: The threat is severe and has migrated from the battlefield directly to the homeland. Drones have become a new weapon of choice for bad actors due to their accessibility, low cost, and ability to carry heavy payloads over long distances. For airports, the risk is not just theoretical; it is operational and financial. A single unauthorized drone can cause cascading disruptions.
Just one representative example of many such airport incidents occurred at Luis Muñoz Marín International Airport in Puerto Rico. A drone intrusion there led to the diversion of an incoming flight to the Dominican Republic and caused cascading disruptions for flights across the entire Caribbean region. When a drone halts operations, the economic cost and the safety risks are immediate and serious.
TSI: Is the number of drone incidents at airports increasing?
Freeman: Yes. Global aviation authorities report a steady rise in drone-related incidents near airports. Factors include the proliferation of affordable drones, lack of operator awareness, and deliberate misuse. As drone technology becomes more accessible, the frequency and complexity of incursions are expected to increase.
Starr: Unquestionably. The industry is witnessing a constant and non-stop rise in drone incidents. Since the beginning of last year alone, numerous serious incursions have occurred at major transport hubs and critical sites. The proliferation of drones is driving a commensurate rise in dangerous incidents, and as these devices become cheaper and more capable, the frequency of these disruptions is accelerating.
Hiatt: Absolutely. In the U.S. and Europe, what were once rare drone sightings are now routine reports that pose increased risks to airport operations. In Europe, high-profile cases like the temporary shutdowns of Copenhagen Airport and Aalborg Airport due to drone incursions highlight a recent spike in disruptive drone activity. In the United States, officials have reported thousands of drone events near major airports since 2021, including hundreds of sightings that forced evasive action by aircraft or contributed to flight delays — and data suggests these events are increasing year-over-year.
TSI: What kinds of drone intrusions are occurring at airports?
Freeman: Intrusions range from accidental incursions by hobbyists unaware of restricted airspace to deliberate disruptions by activists or criminals. More concerning are coordinated attempts to interfere with airport operations or smuggle contraband. The spectrum of threats spans from nuisance-level disruptions to sophisticated attacks targeting critical infrastructure.
Starr: The range of intrusions is dangerously broad. Incidents at sensitive sites broadly may include everything from attacks and collisions to smuggling and espionage. In the airport environment, incidents may manifest as harassment and nuisance disruptions that freeze operations, but the potential for more malicious intent such as surveillance of sensitive areas or even direct targeting of infrastructure, is real. Even clueless operators flying commercially available drones into protected airspace pose risks to aircraft and airports.
QinetiQ Drone Detect and Defeat systems leverages multi-sensor fusion and electronic disruption to neutralize threats safely. QinetiQ image.
TSI: What kinds of actors are flying drones into airport areas, and what are their motivations?
Freeman: Actors include:
• Recreational users unaware of regulations.
• Commercial operators conducting unauthorized filming or inspections.
• Activists seeking publicity through disruption.
• Criminal organizations using drones for smuggling or surveillance.
• State or non-state adversaries testing vulnerabilities or planning attacks.
Motivations range from negligence to deliberate interference with economic or security objectives.
Starr: The actor profile is diverse, which complicates the defense. On one end, there are clueless hobbyists or careless operators who simply don’t understand airspace regulations. On the other end, security teams face hostile groups, criminals, and lone opportunists.
Their motivations vary from simple curiosity to smuggling contraband, conducting hostile surveillance, or attempting terror attacks. There is also the weaponization of build or buy DIY drones, effectively transforming them into flying improvised explosive devices (IEDs). Whether the actor is malicious or just negligent, the outcome for an airport, a stopped runway or a collision, is unacceptable.
Hiatt: Actors range from unaware hobbyists to reckless thrill-seekers to deliberate disruptors and perhaps state or non-state aggressors. Findings of investigations aren’t always shared with the public, so it’s difficult to pinpoint definitive bad actors. That said, the possibility of America’s adversaries leveraging drone technology to disrupt airport operations is incredibly real — and likely already happening in my opinion. With major drone manufacturers removing the restrictions on flying in designated No-Drone zones, I think we’re likely to see more and more accidental incursions.
TSI: What options exist for countering drone intrusions, including products made by your company?
Hiatt: There’s a slew of counter-UAS technologies out there.
The most common is simple EW systems that disrupt the control link or send a “go-home” command to a drone. These basic systems are good against NDAA-compliant drones but minor modifications to the drone’s programming or using fiber-optic control will render those C-UAS solutions all but useless.
Kinetic interceptors (think using a missile to intercept a drone) are perhaps most common in military scenarios, but, for obvious reasons, aren’t well-suited to protect airports from drone incursions.
Lasers offer dazzling precision but also demand perfect conditions — clear skies, uninterrupted line of sight and sustained tracking. They are costly, difficult to maintain and hamstrung by significant maintenance and power burdens.
Then you have what Epirus develops, high-power microwave, which unlocks a number of advantages: software definition allows for incredibly precise target defeat and makes Epirus HPM a safe and low-to-no collateral capability that’s ideally suited for airport security missions. Epirus HPM is also the only effective one-to-many counter-swarm solution. With our Leonidas systems, we could defeat (God forbid) hundreds of rogue drones near an airport with targeted bursts of electromagnetic interference — and without disrupting airliners, air traffic control systems or other nearby infrastructure or personnel.
Freeman: Effective counter-drone strategies combine detection, tracking, identification, and mitigation. Technologies include radar, RF sensors, electro-optical systems, and electronic countermeasures. QinetiQ offers integrated solutions such as Drone Detect and Defeat systems, which leverage multi-sensor fusion and electronic disruption to neutralize threats safely. These systems are designed for deployment at airports and other sensitive sites.
Starr: Legacy technologies like radar, optical sensors, and jammers are often unsuitable for dense airport environments. Radar can be confused by birds; optical sensors need a clear line of sight; and jamming can disrupt critical communications.
The “next generation” option is RF-Cyber, which is where D-Fend Solutions leads. This technology quietly scans frequencies to detect unique drone attributes. Once a threat is verified, the system can disconnect the rogue drone pilot from the drone, and take control, guiding the drone to a safe landing. This allows for a surgical, non-kinetic mitigation that doesn’t disrupt nearby communications and navigation. It is important to note that RF-cyber technology is meant to be used in a way that is performed by authorized personnel and as allowed by local laws and regulations.
TSI: How effective are today’s counter-drone tactics, and which airports are using them?
Freeman: Current counter-drone systems are effective against most commercial drones, but challenges remain with swarm tactics and autonomous platforms. Several major international airports have deployed layered counter-drone solutions, often combining radar, RF detection, and jamming technologies. Effectiveness depends on integration with existing air traffic management and rapid response protocols.
Starr: Legacy tactics are increasingly insufficient as a standalone solution. Jamming is risky because it creates interference, and kinetic methods (shooting drones down) are dangerous in a crowded terminal area due to falling debris.
In contrast, RF-Cyber is highly effective because it focuses on control and continuity. It distinguishes between authorized and unauthorized drones, allowing friendly drones to continue working while mitigating the threat. RF-yber technology is currently deployed at sensitive environments across the world, operating alongside radar and other sensors to provide a “surgical tool” for these areas.
TSI: Given the growing complexity and scale of drone attacks, what do makers of counter-drone systems have to do to keep up with them?
Freeman: Manufacturers must innovate continuously to address evolving threats. This includes:
• AI-driven detection and classification to identify drones quickly and accurately.
• Scalable solutions for swarm scenarios.
• Non-kinetic defeat options that minimize collateral risk.
• Integration with airport security and ATC systems for real-time decision-making.
• Cyber resilience and compliance with aviation safety standards are also critical.
Starr: Operators and providers must shift from a hardware-centric to a software-centric mindset. The threat evolves faster than hardware can be replaced. Drones are becoming smarter, using AI mission planning, complex protocols, and swarm behaviors.
To keep up, systems must foresee the drone future and always stay one step ahead. This means utilizing software-driven solutions that allow for rapid, modular updates to counter new drone models and protocols as they appear. Open architecture is also essential, ensuring systems can integrate seamlessly with existing command-and-control layers to form a robust, multi-layered defense.
Hiatt: I think what’s most important is for counter-drone tactics to evolve as fast as drone threats themselves. Drone manufacturers are moving to encrypted links and more sophisticated antenna systems that are harder to jam or take over with protocol attacks. Custom-built drones are moving to fiber-optic control so there are no control signals to detect or jam. While not on the battlefield today, fully autonomous drones are currently being tested and will likely be available soon.
Counter-UAS systems must be scalable, adaptable and software-driven to enable rapid updates via field software updates. Static solutions can’t keep pace with evolving drone types, autonomy or swarm tactics. Continuous updates and flexible architectures are essential. These are all core capabilities of Epirus’ Leonidas HPM platform.
TSI: What do you see as the future of counter-drone systems for airports, including any new advances that your company is working on?
Hiatt: In my mind, the future of counter-UAS is integrated, layered and non-kinetic. Systems that can address single drones and complex swarm scenarios while remaining safe for people, aircraft and infrastructure should be prioritized by airport security decision-makers and lawmakers alike. Epirus is focused on developing systems that meet all these requirements and I’m confident our technology will prove integral to airport drone defense across the globe.
Freeman: The future lies in networked, autonomous counter-drone ecosystems that combine AI, sensor fusion, and automated response. Advances will include predictive analytics to anticipate incursions and cloud-based coordination across multiple sites. QinetiQ is investing in next-generation detection and defeat technologies, including low-collateral RF disruption and AI-enhanced tracking, to ensure airports remain secure against increasingly sophisticated threats.
Starr: The future is defined by integration and intelligence. There will be a doctrinal shift where RF-Cyber is the forefront of a layered defense, supported by legacy sensors when necessary.
Advanced capabilities will not just stop the drone, but, when permitted, capture intelligence. By recovering rogue drones intact via a controlled landing, security agencies are provided with the drone and forensics that can lead to the apprehension of the rogue drone pilot and the prevention of future attacks. Focus is also being placed on automation and AI, enabling systems to either autonomously or manually identify, track, and mitigate threats with even greater speed and precision. The goal is simple: airspace safety with zero disruption to the passengers and planes that rely on it.
Cyberattacks on the transportation sector have surged nearly 50% over the past five years. But the headline statistic obscures what attackers are pursuing: data. Customer records, shipment manifests, logistics intelligence, employee information, payment credentials and increasingly, sensitive government and defense data flowing through supply chains. The transportation industry has spent decades fortifying network perimeters. The problem is that data no longer stays inside them.
Data now moves continuously across cloud-based logistics platforms, third-party vendors, IoT sensors, connected vehicles and AI-powered systems. It crosses borders, jurisdictions and organizational boundaries every second of every day. The traditional security model — build walls, monitor the gates — was designed for a world where sensitive information lived on servers you controlled. That world is gone. And regulators, adversaries and customers have all noticed.
Data Exposure Landscape
The transportation sector has become a prime target precisely because of the data it holds and how that data moves. Nearly two-thirds of supply chain cyberattacks now target transportation and warehousing operations. Ransomware accounts for roughly 40% of all attacks on the sector — and modern ransomware operators don’t just encrypt systems. They exfiltrate data first, creating leverage for extortion even when victims have solid backups.
The average breach now costs transportation organizations nearly $4 million. But the exposure goes beyond direct financial loss. Fleet telematics systems constantly transmit location and operational data. Connected vehicles run on over 100 million lines of code and communicate with central platforms in real time. IoT sensors across ports, railyards and distribution centers generate continuous data streams. Every one of these touchpoints represents data flowing outside traditional perimeter controls.
The third-party dimension makes this worse. Most companies are now linked to at least one third party that has experienced a data breach. Yet only about one-third of organizations have meaningful visibility into how their partners handle sensitive data. Transportation supply chains are long, complex and deeply interconnected. Your data doesn’t just live in your environment — it lives in your vendors’ environments, your partners’ environments and their vendors’ environments.
Why Perimeter Security Fails Transportation
The legacy security model made a fundamental assumption: sensitive data stays inside the network, so protecting the network protects the data. For transportation organizations in 2025, that assumption is catastrophically wrong.
Consider where transportation data lives and moves. Cloud-based logistics platforms manage shipments, inventory and customer information across distributed infrastructure. Third-party vendors — hundreds or thousands of them in a typical supply chain — process, store and transmit data according to their own security practices. Connected vehicles and IoT devices transmit operational and customer data continuously, often over cellular networks entirely outside corporate infrastructure. And AI systems increasingly process sensitive information across jurisdictions, creating data flows that traditional controls can’t track or govern.
Recent incidents tell the story. In 2023 and 2024 alone, ransomware attacks on fleet management providers forced trucking companies to revert to paper logs when electronic logging devices went dark. Third-party software breaches cascaded across major airports, grounding flights and exposing passenger data. Transit authorities lost customer names, addresses and banking information over prolonged intrusions. In each case, the data these organizations depended on wasn’t behind their firewalls — it was in vendor environments, cloud platforms, or systems entirely outside their perimeter controls.
This creates a governance gap that mirrors what we see across industries. Organizations have invested heavily in monitoring — they can observe data moving through their systems. But they lack the controls to enforce policy when data leaves their environment. They know where data is stored but often have no idea where it’s being processed, especially when AI and cloud services are involved. Watching isn’t the same as protecting.
Compliance Reckoning
Regulators have taken notice. The compliance landscape for transportation data security is tightening rapidly and organizations relying on perimeter-centric approaches will find themselves exposed.
The Transportation Security Administration has proposed comprehensive cyber risk management requirements for surface transportation operators. The rule mandates data governance frameworks, not just network security controls. Organizations must demonstrate how they protect sensitive information throughout its lifecycle — not just while it sits on internal servers.
The Cyber Incident Reporting for Critical Infrastructure Act requires covered entities to report substantial cyber incidents within 72 hours and ransom payments within 24 hours. When a breach occurs, regulators will want evidence of what happened, what data was affected and what controls were in place. Organizations with fragmented logging across dozens of systems will struggle to answer those questions under deadline pressure.
For defense contractors in the transportation sector — and the logistics supply chain touches defense more than most realize — C MMC 2.0 requirements became effective in November 2024. Over 300,000 contractors must now demonstrate specific maturity levels for handling Federal Contract Information and Controlled Unclassified Information. The framework doesn’t care about your firewall. It cares about how you protect data.
The evidence problem compounds all of this. Cross-industry research shows that roughly one-third of organizations lack evidence-quality audit trails and over 60% have fragmented logs scattered across systems. When regulators or auditors ask what happened to specific data, these organizations can’t answer with confidence. That’s not a defensible position in 2026’s regulatory environment.
Data-Centric Security: What Must Change
Protecting transportation data requires a fundamental shift in approach. The perimeter isn’t coming back. Data-centric security must replace it.
Shift protection to the data itself. Classification, tagging and policy enforcement must follow data wherever it moves — across clouds, vendors, devices and borders. If a file containing customer PII leaves your environment, the protections should travel with it.
Demand visibility into third-party data handling. You cannot protect what you cannot see. Contracts and questionnaires are insufficient. Organizations need continuous visibility into how partners process, store and secure shared data. The roughly one-third of organizations with this visibility today have a significant advantage over those flying blind.
Consolidate audit trails. Fragmented logs across dozens of systems aren’t evidence — they’re a liability. Unified, evidence-quality audit trails enable both incident response and regulatory compliance. When something goes wrong, you need to reconstruct what happened in hours, not weeks.
Extend sovereignty controls to processing. Knowing where data is stored isn’t enough. With AI and cloud services, data may be processed in jurisdictions you never intended. Organizations need visibility into where data is processed, trained and inferred — not just where it sits at rest.
Prioritize containment over monitoring. Watching data move is necessary but insufficient. Purpose binding, granular access controls and the ability to cut off data flows when something goes wrong — these containment capabilities matter more than dashboards showing what already happened.
Implement Zero Trust for data access. Every access request should be verified regardless of network location. Transportation organizations implementing Zero Trust architectures report 40% faster incident response and significantly improved threat detection. The principle applies to data access, not just network access.
Data Is the Mission
Transportation’s digital transformation has made data the operational core of the industry. Logistics optimization, safety systems, customer experience, regulatory compliance — all of it depends on data flowing to the right places at the right times. That dependency is permanent and growing.
Protecting network perimeters while data flows freely through vendors, clouds, connected devices and AI systems is security theater. It creates the appearance of protection without the substance. Adversaries have recognized this. Regulators have recognized this. The organizations that fail to recognize it will learn through painful experience.
In 2026, the question won’t be whether your network was secure. It will be whether your data was protected — wherever it went, whoever touched it and whatever systems processed it. The transportation organizations that treat data protection as the primary mission, not an infrastructure afterthought, will be the ones that maintain customer trust, satisfy regulators and survive the breach attempts that are certainly coming.
The perimeter era is over. The data protection era has begun.
About the Author
Frank Balonis is chief information security officer and senior vice president of operations and support at Kiteworks, with more than 20 years of experience in IT support and services. Since joining Kiteworks in 2003, Frank has overseen technical support, customer success, corporate IT, security and compliance, collaborating closely with product and engineering teams. He holds a Certified Information Systems Security Professional (CISSP) certification and served in the U.S. Navy. He can be reached at fbalonis@kiteworks.com.
Fraport AG is a global leader in the airport business, managing operations and services at 29 airports across four continents. Its wholly owned subsidiary, Fraport Ground Services (FGS), is indispensable to Germany’s largest airport, Frankfurt (FRA), where it provides the entire range of critical aircraft ground handling services. When FGS sought to optimize complex challenges on the apron — ranging from resource allocation to tight turnaround times — it turned to INFORM, a software company specializing in optimizing business processes through artificial intelligence (AI) and advanced operations research.
Pandemic as a Turning Point (2021 – 2022)
With the drastic decline in passenger volume during the Covid-19 pandemic, FGS had to significantly reduce the complexity of processes in ground handling operations. Separate systems for baggage service, loading and unloading, and baggage transport caused high costs and a lack of flexibility. Additionally, the drivers were assigned to inbound flights — no matter how often they had to drive to perform the tasks for each flight.
Fraport used the crisis to streamline its IT landscape. The old baggage transport system was taken out of service. Instead, baggage service, loading and unloading were integrated into the existing dispatching system.
After analyzing the results from the first phase, an action plan was developed for the next step. This plan had to account for a unique challenge at Frankfurt Airport: many apron positions are located far from the main buildings. These long distances result in extended travel and task-commitment times for ground crews, which limits operational efficiency. Therefore, the action plan was designed to introduce greater flexibility into both planning and operations to mitigate these delays.
The action plan was designed to introduce greater flexibility into both planning and operations to mitigate delays due to apron positions being located far from the main buildings.
“Our long-standing collaboration with Fraport has reached a new level. We didn’t just implement software; we jointly created opportunities for employees to apply their skills in a broader range of tasks, strengthening both efficiency and engagement. Celebrating the successful completion of projects like the baggage handler integration as a unified team truly demonstrated the power of this partnership.”
— Christian Weiss, Project Consultant, INFORM Aviation
Fraport gained significant operational improvements and cost savings by transitioning to this integrated system. The resulting reduction in complexity, combined with the decommissioning of outdated solutions, lowered overhead. Furthermore, personnel gained the flexibility to deploy effectively across a wider range of roles.
Optimization in the Ramp-Up (2023–2024)
With increasing flight and passenger numbers, Fraport needed a system that could bring together two worlds:
• Flight-driven dispatching for aircraft parked closest to the baggage belts.
• Dispatch of single trips for outbound and inbound aircraft parked further away.
In addition, qualified personnel were in short supply, which made optimal use of apron driving licenses necessary.
Fraport executed a strategic restructuring by incorporating a segment of the driver pool, alongside the loading crews, into the dispatching system. Inbound drivers could be consequently re-tasked and transitioned from transport-only roles to a model where they could be concurrently utilized within loading groups. This integration generated significant synergy: drivers with the required apron license performed both routine transport runs and specialized equipment operation at the aircraft positions. The outbound drivers continued to operate as an independent working group.
Faced with a skilled worker shortage, Fraport boosted its operational efficiency through flexible personnel deployment and optimized resource utilization. The result is stable, reliable handling, even when managing aircraft turnarounds as tight as 45 minutes.
Dedicated Baggage Handling System with GS StaffCommunication (2025–Present)
Anticipating significant traffic growth by 2025 and the opening of Terminal 3, Fraport required a powerful, dedicated system for baggage transport. The challenge was to deliver a rapid rollout before the 2025 summer operations, minimizing risk and avoiding cost-intensive new hardware purchases.
Fraport boosted its operational efficiency through flexible personnel deployment and optimized resource utilization. The result is stable, reliable handling, even when managing aircraft turnarounds as tight as 45 minutes.
“Within just three years, we have implemented three major projects with INFORM — with strategic consulting and careful integration of new solutions into the existing IT landscape. All of them were completed on time despite time constraints and have measurably stabilized our operations and made them future-proof.”
— Dennis Stein, VP Logistics and Information Management, Fraport Ground Services
Utilizing a standard software approach that allows for easy, perpetual updates, Fraport successfully rolled out INFORM’s new baggage transport system (GS RealTime Staff & Equipment) and the GS StaffCommunication driver app within a few months, meeting the specified deadline. The system is strategically connected to the dispatching system to exchange task information, ensuring that drivers are dispatched only when the loading team is available, thus optimizing resource deployment and eliminating idle time.
Given Fraport’s large operation — managing approximately 2,000 dispatches daily with eight dispatchers overseeing 150–200 drivers — a crucial factor was the speed of user adoption. The system required minimal training; drivers were productive after just 90 minutes of instruction. The transition was further smoothed by running the new system in parallel with the old one and utilizing existing hardware.
Aviation security has long focused on keeping external threats out — the passenger with a weapon, the infiltrator at the gate or the cybercriminal probing systems from afar. Yet one of the most persistent and complex vulnerabilities lies inside the airport perimeter: the trusted employee. From ground handlers to mechanics, flight attendants, IT administrators and contractors, the modern aviation ecosystem relies on thousands of individuals with authorized access to critical areas and systems. When even one abuses that trust, through corruption, negligence, coercion or ideology, the results can be catastrophic.
Recent analyses highlight that insider misuse is not hypothetical. Incidents involving unauthorized access, smuggling, data theft and attempts to aid extremist networks have reaffirmed that the “enemy within” remains a challenging security threat.
The term “insider threat” once referred mainly to employees with malicious intent — those deliberately acting against the interests of their organization. Today, the definition has broadened to include unintentional insiders whose errors, complacency or manipulation by others create opportunities for exploitation.
Insiders in aviation may act for financial gain, ideological motives, coercion, or simple negligence. Many threats emerge not from criminal intent but from the erosion of vigilance and ethical boundaries. Airports and airlines, by their nature, depend on trust — yet that very trust is what adversaries exploit.
1. Hiring and Background Checks
The foundation of insider threat mitigation begins before day one. Rigorous pre-employment vetting and ongoing revalidation ensure integrity over time. Continuous evaluation programs, now standard in many sectors, use automated systems to flag new risks or behavioral red flags. Modern screening doesn’t end with a fingerprint card; it includes social media vetting, financial reviews, and intelligence-driven risk scoring.
2. Separation of Duties and Least Privilege
Security is not just about access to buildings but about what employees can do once inside. Least-privilege access ensures that individuals only perform functions required by their role, limiting exposure if one credential is compromised. Dynamic access control, adjusting privileges based on schedule, role changes, or incomplete training, adds another layer of prevention against misuse.
3. Behavioral Detection
Artificial intelligence and machine learning now power anomaly detection systems that flag unusual access patterns, badge use at odd hours or system log anomalies. These tools can identify early signs of insider activity while preserving privacy through structured oversight.
Technology alone cannot detect every insider threat. The most effective programs are built on behavioral intelligence, the combination of human judgment, organizational psychology and leadership culture. If you see something, say something.
Human Reliability Programs (HRPs), utilized in the nuclear and defense industries, incorporate psychological evaluation, peer accountability and wellness tracking. In aviation, a simplified version can focus on three pillars: stability, support and self-reporting. Employees who experience personal crises, financial stress or workplace conflict are more likely to become targets of manipulation. An HRP encourages them to seek confidential support before they become security risks.
Behavioral Observation Training equips supervisors and coworkers with the skills to identify subtle warning signs, such as sudden isolation, unexplained wealth or unusual shift swaps, and report them through anonymous channels. When reporting mechanisms are non-punitive and trusted, information flows freely, allowing for early intervention.
The most forward-thinking airlines and airports are now adopting fusion-cell concepts, modeled after national intelligence agencies. These centers bring together HR, IT security, operations and law enforcement liaisons to analyze both digital and human indicators in real time.
For example, an employee accessing an aircraft maintenance database at 3 a.m. might not trigger an alarm by itself. But when that activity aligns with financial distress data or behavioral changes noted by a supervisor, the system can escalate for immediate review. This holistic perspective, connecting departments that rarely talk, transforms fragmented security into a predictive security approach.
No insider threat program can succeed without leadership buy-in and cultural ownership. Security must move from being a department to being a mindset. Leaders who routinely visit secure areas, engage with staff and discuss integrity expectations humanize security and build credibility.
Quarterly “Security Climate” surveys can gauge whether employees feel safe reporting misconduct or observing favoritism, pressure or unclear rules, all precursors to insider complacency. Recognition programs, such as “Integrity in Action” awards, publicly celebrate employees who demonstrate ethical courage, reinforcing that prevention is everyone’s job.
Airlines that treat insider threat as a shared mission, rather than a top-down compliance exercise, are the ones most likely to catch the subsequent breach before it starts.
Aviation can draw powerful insights from energy, finance and defense, industries which manage similar high-trust environments. The Department of Energy’s “Two-Person Integrity Rule,” could be mirrored in sensitive airport zones, ensuring no one is ever alone with critical assets. Financial institutions’ predictive risk algorithms, which blend HR and performance data, could help identify those under stress long before it leads to sabotage or smuggling.
Partnerships among airlines, airports, and intelligence agencies will be crucial in the years to come. Shared watchlists, unified background-check databases and cross-jurisdictional risk-scoring systems can close the gaps that allow an insider dismissed in one location to resurface in another.
As global instability grows, the aviation industry must confront a sobering truth: the subsequent breach may not come from a passenger’s bag, but from a staff member’s badge. The path forward lies in balance — harnessing data analytics and behavioral science while nurturing a culture where security is personal. From recruitment to retirement, every employee must see themselves as part of the safety shield.
A Delta flight that had departed Houston on Wednesday morning, February 18, was forced to return there after a passenger exhibited unruly behavior, according to local officials.
The flight declared an emergency for arrival and landed safely and the aircraft was met by law enforcement.
Houston police initially said they received a report that a passenger attempted to breach the cockpit. However, Delta Airlines says the customer approached crew and customers, exhibiting “unruly and unlawful behavior, but didn’t attempt to access the flight deck.”
A new international transportation security review has identified several persistent vulnerabilities across the aviation sector, emphasizing the growing complexity of safeguarding airports and aircraft. The report highlights concerns ranging from cyber‑attack exposure to weaknesses in aircraft manufacturing oversight, noting that disruptions in one part of the aviation ecosystem can quickly cascade across global networks. Analysts warn that the increasing digitalization of aviation systems—while improving efficiency—also expands the attack surface for malicious actors.
The review calls for stronger cybersecurity frameworks, enhanced monitoring technologies, and deeper collaboration between regulators, airlines, and airport operators. It also stresses the importance of coordinated international response mechanisms, particularly as geopolitical tensions and sophisticated threat actors continue to evolve. The findings underscore the need for aviation stakeholders to adopt more proactive, intelligence‑driven security strategies to protect passengers, infrastructure, and supply chains.
