Cybersecurity in Philippine Aviation: A Multi-Method Evaluation of Vulnerabilities and Mitigation Strategies Through Document Analysis, Case Study, and Risk Modeling

The digitalization of aviation has heightened exposure to cyber risk, yet Philippine aviation governance and practice remain fragmented. This study evaluates sectoral vulnerabilities and feasible mitigations using a multi-method design: (i) document analysis of CAAP circulars, DICT’s National Cybersecurity Plan 2022, and international guidance (ICAO, IATA, NIST, ISO/IEC 27001); (ii) case studies (Cathay Pacific breach; London Heathrow USB mishandling) chosen for analytic transferability to Philippine operations; and (iii) risk modeling via a likelihood–impact matrix with a transparent 1–5 rubric adapted from ICAO SMM, NIST SP 800-30, and DICT, scored independently by two researchers with consensus reconciliation. I integrate results through a SWOT–TOWS synthesis and propose an AI/ML feasibility roadmap tailored to on-prem/air-gapped constraints. Findings reveal high-priority risks, including unauthorized ATC access, reservation-system data breaches, and airport-network ransomware (ris score = 20), driven by monitoring gaps, legacy systems, and uneven policy enforcement. Moderately ranked threats (weak framework implementation; phishing) and under-analyzed insider risk reflect systemic and human-factor weaknesses, compounded by underreporting and limited inter-agency coordination. The study’s novel contribution is a localization map that operationalizes global frameworks for Philippine conditions: phased NIST CSF adoption, tiered ISO/IEC 27001 pathways, and ICAO-aligned CAAP–DICT coordination with centralized incident reporting; plus a staged, low-cost AI/ML roadmap with KPI tracking (MTTD/MTTR, precision/recall). Limitations include the absence of primary stakeholder data and local incident/cost series; we outline a quantitative extension using operator surveys and Expected Annual Loss modeling to strengthen future empirical grounding. The results inform regulators, airlines, and airports on risk-based prioritization and practical governance upgrades to enhance national aviation cyber resilience.