Istanbul Sabiha Gokcen (ISG) Case Study

Introduction

ISG uses Picus to gain agility in cyber defense and verify the quality of third-party security services.

In today's world, airports are not public entities that are only infrastructure providers but also have become businesses that contribute to local and regional economies by facilitating the movement of people and goods. They are virtually a city of their own with the number of facilities and services they accommodate within their perimeters. Often physically spread out to many buildings, airports are managed by airport operators, orchestrating the aviation, ground, and hospitality services to ensure a smooth and safe travel experience to millions of guests throughout a year. The aviation industry relies heavily on technology and automation, which, in turn, makes them a target for most sophisticated cyber criminals such as state actors, terrorists, and hacktivists.

The Customer

ISG's primary focus is to provide high-quality services and infrastructure to meet the needs of its clients - passengers and airline operators.

One of Istanbul’s three international airports, Sabiha Gökçen Airport is managed by Istanbul Sabiha Gökçen International Airport Investment Development and Operation Inc. (ISG), a company owned by Malaysia Airports Holdings Berhad along with a network of thirty-nine other airports. ISG’s main focus is to provide the best services and infrastructure to meet its clients' demands – passengers and airline operators- while ensuring their safety and security. Sabiha Gökçen Airport houses a vast complex of aviation facilities together with a hotel, banks, shopping areas, food courts, parking services serving a volume of more than 25 million passengers together with a number of airlines and government agencies. To enable and ensure all stakeholders' safety, ISG puts information technology security at the forefront of its operations.

Fatih Çelik
Security Expert, ISG

"Picus gives us end-to-end visibility and content tailored to our network to proactively tune our defenses."

Maintaining Security 24/7

ISG ensures the 24/7 cyber readiness of Sabiha Gökçen Airport through a large number of security technologies and third-party services. Several modern security technologies protect this large and complex infrastructure. Close to three thousand endpoints and more than a hundred servers are managed by a compact yet efficient team together with third-party support. Considered a critical infrastructure, airports are one of the most heavily regulated and fault-intolerant industries. It is vital to maintain both physical and cybersecurity around the clock. “Any interruption of services might pose risks ranging from business level to national security level. This is the most challenging part of our job here,” says Fatih Celik, Security Expert at ISG.

Picus - A Helping Hand

"In managing a versatile critical infrastructure, visibility becomes a key concern. Furthermore, organizations must have the capabilities to act as quickly as possible based on the new visibility insights. This is where Picus came into the picture", continues Mr. Celik and concludes, "We realized that by combining attack readiness visibility and mitigation, Picus gives us end-to-end visibility and content tailored to our network to tune our defenses proactively.