The FAA Reauthorization Act of 2024 was signed into law by President Biden to improve safety and cybersecurity in the aviation sector. One of the key components of the Act is the Aviation Cybersecurity subtitle, which aims to enhance cybersecurity within the aviation industry.

Under this subtitle, several mandates have been introduced, including granting the FAA Administrator exclusive rulemaking authority to implement cybersecurity regulations for various aspects of aviation. Additionally, the Act requires the establishment of a National Airspace System Cyber Threat Management Process to monitor and evaluate cybersecurity incidents. It also amends regulations for airworthiness certification and calls for the formation of a Civil Aviation Cybersecurity Rulemaking Committee to develop standards for various aviation systems.

Furthermore, the Act mandates the Government Accountability Office to review aircraft cybersecurity policies and requires the FAA Administrator to appoint a Cybersecurity Lead to oversee the implementation of these cybersecurity measures.

As the aviation industry awaits the FAA rulemaking, it is essential for entities and service providers to assess their current cybersecurity processes and make necessary adjustments to comply with the upcoming regulations outlined in the Aviation Cybersecurity subtitle.

It is important to note that the insights provided by Jones Day are for general information purposes only and are not to be considered as legal advice. Readers are advised to seek legal counsel for specific legal matters. Additionally, the views expressed in this article are personal views and do not necessarily reflect those of the firm.

For more information, readers can visit the Jones Day website to request permission to reuse or reprint any insights provided. It is crucial to understand that sending information to the firm does not establish an attorney-client relationship unless explicitly agreed upon. By sending emails to the firm, individuals acknowledge that the information shared is not confidential or privileged unless otherwise stated.