5 minutes with... Fabien Pouget
What is your background?
I come from the public sector. For 20 years I worked on multiple projects and in multiple roles for the French Cybersecurity Agency*. What I particularly enjoyed about my role within the Agency was supporting companies and public agencies in their quest to strengthen the cybersecurity of their systems.
Why Thales ? And why the Airspace Mobility Solutions activity?
After two decades in a public agency, working on cybersecurity regulations and supporting clients in their implementation of those regulations, I wanted to see how things worked on the other side. I wanted to work in the private sector and be part of those who have to implement.
I started working for Thales six years ago and moved to the AMS team two years ago. I chose Thales' Airspace Mobility Solutions activity for two main reasons. First, because ATM** is a critical sector, one where people’s lives are at stake and no mistakes are allowed. Second, the arrival of UAS*** has a significant impact on ATM, and Thales AMS is a recognised world leader in the UTM**** field.
I was excited and curious about working with client to ensure cybersecurity in such complex domain.
What is your role today?
I have two key tasks as Cybersecurity practice and discipline manager for the Airspace Mobility Solutions activity at Thales.
Cybersecurity approaches can at times naturally remain compartmentalised. Each team, be it project, product development, business development, addresses the issue through its own lenses. My job is to make sure that we develop a coherent approach at business line level.
Additionally, Thales’ crucial added value is its pool of specialised cybersecurity experts: our expertise straddles across the cyber security and ATM domains. My role is to continue recruiting and training experts that can carry out multiple tasks - risk analysis, penetration testing, securing architectures - within the world of ATM.
What are the key cyber security challenges in the ATM world?
Cybersecurity is a relatively new field in the ATM domain. Our clients have started to implement their own measures and requirements, but safety critical systems can be a complex environment to navigate for cybersecurity novices. How does one know where to start a cybersecurity risk assessment in order to get the right solution?
Which brings me to the second key issue concerning cybersecurity. In a domain in constant flux, with new players, regulations, threats and solutions emerging regularly, our clients can feel overwhelmed with options that may not be self-explanatory. Or worse still, solutions that may not have been tested adequately and whose impact could be devastating on safety critical systems.
For us, it is essential to work closely with our clients, guiding them through a better awareness of their needs and supporting them in selecting the most appropriate solution.
What do you enjoy about your work?
Being a cybersecurity expert for Thales brings versatility and variety! Without having to go through the administrative complexity of changing teams, from one week to another a cybersecurity expert can work on different tasks - from penetration testing to risk assessment or incident response. The fact that this versatility applies to the very specific context of ATM makes it all the more relevant and interesting. We are constantly learning something - from our work, our clients, each other - which means we are never bored!
*ANSSI - Agence Nationale de la Sécurité des Systèmes d’Information
** ATM - Air Traffic Management
*** UAS - Unmanned Aerial Systems
**** UTM - UAS Traffic Management