In the rapidly evolving world of cybersecurity, women remain significantly underrepresented—especially in leadership positions. Despite making up 25% of the global cybersecurity workforce, women hold only 17% of CISO positions in Fortune 500 companies, and in some regions, that number drops to single digits. In aviation, the gender gap is even more pronounced. With the industry traditionally dominated by men, female CISOs in aviation are a rare sight, and only a handful of airlines worldwide have appointed women to lead their cybersecurity divisions. One notable example is Deneen DeFiore, who serves as the CISO of United Airlines. However, for most airlines, cybersecurity leadership remains an overwhelmingly male domain.
This makes Tsofit Shachar’s journey even more remarkable. As the first female CISO of an Israeli airline, she has shattered multiple glass ceilings throughout her career. Over the years, she has held critical security roles in leading organizations across defense, healthcare, and corporate security—industries that are not only highly regulated but also deeply entrenched in male-dominated cultures. Her expertise has been instrumental in fortifying EL AL’s cyber defenses against evolving threats, particularly in times of crisis, such as during the October 7th war, when El Al faced a surge in cyberattacks. Today, Shachar is not only a leader in cybersecurity but also a trailblazer for women in the field, proving that expertise, resilience, and innovation can break barriers in even the most challenging industries.
As part of Women’s History Month, we sat down with Tsofit Shachar to discuss her career, achievements, and the evolving landscape of cybersecurity in aviation. From defending an airline under relentless cyberattacks to tackling the growing threats posed by AI-driven security risks, Shachar shared her insights on the complex intersection of cybersecurity, innovation, and leadership—and what it takes to stay ahead in one of the most high-stakes industries in the world.
Thank you for taking the time to speak with us.
You’ve held the role of CISO at EL AL twice making you one of the few women in the aviation industry to lead cybersecurity at such a high level. What brought you back to the role, and how has your perspective evolved between your two tenures?
Returning to EL AL felt like coming back to family. The aviation industry had undergone a dramatic shift since the COVID-19 crisis, and EL AL, like many others, was facing unprecedented challenges. During the pandemic, the company reached a near standstill, but as global travel rebounded in the post-COVID era, aviation rapidly regained its momentum—especially in terms of technological advancement. I saw this not as a step back, but as a unique opportunity to lead through complexity. When I officially rejoined, it was just around the time of Operation Iron Swords, and EL AL was once again at the forefront, often serving as Israel’s sole operating carrier. These challenges only reinforced my commitment and sense of purpose. I returned not just to resume my previous role, but to tackle the evolving demands of aviation security in a new era.
During the war that broke out on October 7, 2023, Israel faced an onslaught of cyberattacks, with over 15,500 cyber incidents recorded within the first month—many targeting the transportation sector, including aviation. Can you share how El Al’s cybersecurity team handled the sudden surge in attacks?
Absolutely. Since October 7th, we’ve seen an unprecedented spike in cyberattacks targeting EL AL—an increase of over 600%. As Israel’s national airline, EL AL became a high-profile target, and the scale and sophistication of attacks increased significantly. In response, we took immediate action on multiple fronts. We scaled up our internal cybersecurity operations and invested heavily in advanced defensive technologies, including enhanced monitoring tools and perimeter protections—what we refer to as the Defense Plane. Importantly, it wasn’t just the volume of attacks that changed, but the nature: we saw a rise in more sophisticated and targeted attempts, requiring a higher level of readiness and coordination. The cybersecurity landscape for aviation was already complex, but the post-October reality pushed us to accelerate both our technological investments and organizational agility. We adjusted our processes, fortified our systems, and increased our staffing where needed. The response has required close collaboration across teams, rapid decision-making, and constant evaluation of new threats and tools.
Can you share any specific incidents where the airline had to intervene in real-time to protect its operations and what lessons were learned from this crisis that have since been implemented in El Al’s cybersecurity approach?
Yes, I can share one public example. On October 24th, EL AL was targeted by a DDoS attack—part of a broader wave that hit the country at the time. It was covered by over 12 media outlets and made headlines as a major cyberattack. The incident impacted our ability to process credit card transactions and disrupted our digital platforms, particularly our main website and sales systems. Despite this, while the website was indeed down for several hours and experienced significant load, there was no impact on business continuity. Flights continued to operate as scheduled. But it required us to step in and act quickly to restore functionality in real time.
This type of attack—DDoS, (Denial of Service)—involves thousands of bots flooding a website with requests, overwhelming it until it crashes. These attacks aren’t random. They’re typically carried out by nation-state actors with the time, resources, and determination to target a national symbol like EL AL. For them, disrupting an airline with symbolic value is a strategic win. We’re a clear target, and we deal with that reality on a daily basis. If you’re asking what lessons we learned without going into all the details, we did initiate changes and acquired additional defense tools that are capable of coping, we scaled our capabilities, deployed more sophisticated defense systems, and carried out several other actions. The attacks didn’t stop after October 7th. We’re still experiencing them, but we now know how to handle them better.
Artificial Intelligence is revolutionizing cybersecurity, but it’s also enabling more sophisticated cyber threats. Looking ahead, what do you see as the most significant cybersecurity threats driven by AI in the aviation industry? And on the flip side, how can AI be harnessed as a key defense strategy against such threats?
Looking ahead, one of the most significant cybersecurity threats driven by AI in the aviation industry will likely stem from the use of AI by malicious actors to develop more sophisticated attacks. These could include data manipulation, leading to inaccurate and unfair outcomes, and the potential for AI systems to be vulnerable to security breaches, just like any other software. Hackers could leverage AI to create more advanced phishing attempts, employing techniques such as impersonation and generating fake identities to manipulate trust. As AI advances, distinguishing between legitimate users and attackers will become increasingly challenging, posing a major risk to both organizations and individuals.
On the flip side, AI can be a powerful tool in defense against these threats. Security professionals are already utilizing AI to analyze vast amounts of data far more quickly and efficiently than traditional manual methods. AI-driven systems can identify and mitigate threats in real-time, helping organizations respond to attacks more effectively. For example, intelligence gathering, which would normally take days or weeks, can now be done almost instantly with the help of AI, allowing for rapid threat detection. Additionally, AI-powered monitoring systems can automatically close security breaches, preventing the need for manual intervention and reducing the risk of human error. As the aviation industry increasingly integrates AI into its operations, it is essential that information security teams continue to monitor and evaluate these systems to ensure their effectiveness and protect against potential vulnerabilities.
In summary, while AI presents new cybersecurity challenges in aviation, it also offers a vital defense mechanism to stay ahead of these threats, provided it is leveraged responsibly and monitored rigorously
With AI advancing so quickly, how do cybersecurity teams stay ahead of the curve rather than constantly reacting?
To stay ahead of the curve in the rapidly evolving landscape of AI and cybersecurity, it’s crucial for teams to remain constantly updated. It’s essential for security professionals to stay informed not just about emerging threats and attacks, but also about new developments and innovations in both offensive and defensive technologies. I encourage my teams to integrate continuous learning into their daily routines, making it a core part of their DNA. They are trained to stay current with the latest updates, from new types of attacks to advancements in AI-driven defense systems. This proactive approach ensures that we are not merely reacting to incidents, but are positioned to anticipate and defend against emerging challenges in real-time. It’s a challenging, ongoing process, but it’s vital for maintaining a strong cybersecurity posture in today’s fast-paced environment.
The aviation industry is known for being highly regulated and risk-averse. In your experience, can an airline truly become more agile when it comes to adopting new cybersecurity technologies?
In my experience, yes, an airline can definitely become more agile in adopting new cybersecurity technologies, though it requires a careful balance between innovation and regulatory compliance. The aviation industry is traditionally known for its high standards of operational precision and stringent safety regulations, which can sometimes create barriers to quick adaptation. However, the industry is evolving, particularly post-COVID, and we are seeing an increasing shift towards agility, especially in areas like cybersecurity and digital technologies.
Many airlines, particularly the larger ones, are beginning to embrace Agile methodologies, which are typically seen in startups and tech companies. By adopting these methods, airlines can improve time-to-market, stay competitive in the fast-paced digital landscape, and enhance their cybersecurity posture. For example, digital payments must be fast, user-friendly, and secure—often requiring one-click solutions and passwordless authentication, which aligns with the broader trend toward smarter, more efficient systems.
The key challenge remains balancing innovation with the strict regulatory framework that governs aviation. While safety will always be the top priority, there is room for agility in cybersecurity. Airlines are increasingly leveraging AI to stay ahead of competitors, enhance operational processes, and provide passengers with a more seamless and cutting-edge experience. So, while regulatory barriers exist, they do not need to stifle progress. Airlines can indeed adopt more agile cybersecurity solutions, particularly when they integrate modern best practices and technologies like AI into their operations.
Startups often struggle to enter the aviation industry, particularly in cybersecurity, where trust and compliance are critical. Given that reality, how many startups are you currently collaborating with in your role at El Al, and in what capacity?
In my role at El Al, my team and I collaborate with an average of three to four startups per week, covering a variety of areas. This includes sectors like mobile authentication, data protection, and cybersecurity solutions for passenger information. We explore a wide range of innovative solutions that can enhance our operations and improve security. Our approach is very hands-on, often engaging with startups directly to assess how their technologies can be integrated into our systems. Additionally, we work with accelerators and incubators, which create a collaborative environment and open the door for startups to bring fresh, cutting-edge solutions that align with our needs. This ongoing collaboration allows us to stay ahead in the rapidly evolving tech landscape while fostering a mutually beneficial relationship with startups.
Aviation cybersecurity doesn’t stop at the airline—it extends into a vast network of suppliers, manufacturers, and service providers. What are the biggest supply chain vulnerabilities you see in aviation today, and how can airlines better enforce cybersecurity standards with third-party vendors they don’t always have full control over?
One of the biggest supply chain vulnerabilities in aviation today lies in the difficulty of thoroughly vetting and assessing suppliers. Many suppliers in the aviation industry are traditional, large-scale companies that typically work with major corporations, and they are often hesitant to undergo the standard due diligence processes that would allow us to assess their cybersecurity and regulatory compliance. This lack of transparency makes it challenging to conduct risk assessments and ensure that these suppliers are meeting the necessary security and compliance standards.
Additionally, there is a significant challenge when suppliers fail to share information about potential cybersecurity incidents they’ve experienced. As a result, we often have to start our checks from scratch, even if the supplier is already working with other companies. This becomes especially critical because supply chain risks are increasingly being recognized as a major vulnerability. Cyber attackers often prefer targeting the supply chain as an entry point rather than attacking the main organization directly, assuming that the supply chain may have weaker defenses. This exposes organizations to a significant risk of indirect compromise.
The supply chain has now become a primary attack vector, and we have to be proactive in managing this risk. We invest heavily in third-party checks, supply chain assessments, and continuous monitoring to ensure that our suppliers meet the necessary cybersecurity standards. However, even with these efforts, the challenges remain, and as the risk landscape evolves, it’s essential that we maintain vigilance and continue to strengthen our defenses in this area.
As one of the few women leading cybersecurity at a major airline, you’ve navigated a highly complex and male-dominated field. Have there been moments in your career where you felt your gender was used to question or undermine your expertise?
Over the years, this has improved significantly. While I haven’t experienced anything intentionally discriminatory, I did find myself in the minority, especially at professional conferences, where I was often the only woman in the room. At times, this would lead to raised eyebrows, and on panels, there were only male speakers. However, I didn’t let that deter me. I didn’t focus on it or let it affect my work. I didn’t experience any direct bias, and I simply continued moving forward with my career.
Today, the situation is different. I see more and more women and incredible researchers in the field of cybersecurity, particularly in aviation. Women are increasingly leading in this space, bringing about great changes. There are more female lecturers, innovators, and thought leaders who are breaking boundaries and driving progress. I’m part of groups like Cyber Ladies and other networking communities in Israel, where we share knowledge, mentor one another, and support each other. The presence of more women in cybersecurity only strengthens the field, and I believe it will continue to evolve positively as more women join and lead.
What advice would you give to women looking to enter cybersecurity, especially in aviation?
My advice to women looking to enter cybersecurity, particularly in aviation, is simple: anything is possible. Don’t let gender be a barrier or make you think that you’re at a disadvantage. The key is to focus on the big picture, on the full trajectory of your career, and where you want to go. It’s important to embrace continuous learning, as the cybersecurity field—especially in aviation—is constantly evolving and highly specialized. Stay curious and passionate about expanding your knowledge in this niche area, and don’t let any limitations, beliefs, or challenges stand in your way.
I’ve found that the constant learning and the drive to enrich my knowledge have been what keeps me going, and I believe it’s crucial in this field. There are more women joining the field of aviation cybersecurity, and that’s a positive sign of growth. The more women we see in this field, the more it will develop and improve for the better. So, my advice is to never doubt your ability to succeed in this field. Embrace the journey, look at the big picture, and always be open to learning new things. This is a mission, and the possibilities are endless.
to receive updates from our company.
