Cyber Security Incident Management has an important role in the aviation domain. Information sharing between air traffic control (ATC) and ground traffic management (GTM) is System Wide Information Management (SWIM), which causes the need for the concept of cyber security management in the aviation domain. Current studies are limited to studying the needs and solutions to improve these capabilities. So, there is a great need for cyber security incident management in a system-wide information management (SWIM) system in the future. This study is a review of the literature. The author conducted a search for references related to the security of privacy data. A method for evaluating, evaluating, and synthesising the results of research works and ideas produced by researchers and practises that is systematic, explicit, and explicit. The main purpose of implementing System Wide Management is to empower the business from the traffic management that will be generated by ensuring the regularly regulated data management is delivered to the ideal individual at the right time. risk management to be able to minimise various obstacles that may occur during the execution of the project. Risk is generally defined as the combination of the likelihood of an event and its consequences (ISO Guide 73). The point is that the business target is not being met. COBIT 5 for Risk characterises IT risk as a business risk, particularly business risk related to the utilization, operation, inclusion, impact, and acceptance of IT in a business. It has described the cybersecurity incident management scheme in the domain based on existing standards and good practices. It is hoped that this can be applied in the aviation domain in the future. This led to an increase in the broad concept of information systems management services. So that it can be a reference for improving incident management in the aviation world and as a reference for research related to cyber security in the aviation world.

M. G. Jaatun and R. Koelle, “Cyber security incident management in the aviation domain,” Proc. - 2016 11th Int. Conf. Availability, Reliab. Secur. ARES 2016, pp. 510–516, 2016, doi: 10.1109/ARES.2016.41.

M. G. Jaatun and T. E. Faegri, “Sink or SWIM: Information security requirements in the sky,” Proc. - 2013 Int. Conf. Availability, Reliab. Secur. ARES 2013, pp. 794–801, 2013, doi: 10.1109/ARES.2013.106.

ISO, “ISO - ISO/IEC 27035:2011 - Information technology — Security techniques — Information security incident management,” ISO/IEC 27035:2011, 2011. [Online]. Available: https://www.iso.org/standard/44379.html. [Accessed: 16-Aug-2022].

M. B. Line, UNDERSTANDING INFORMATION SECURITY INCIDENT MANAGEMENT PRACTICES: A case study in the electric power industry, no. April. 2015.

T. Yohannes, L. Lessa, and S. Negash, “Information security incident response management in an Ethiopian bank: A gap analysis,” 25th Am. Conf. Inf. Syst. AMCIS 2019, no. July, 2019.

Heather Mahalik, “The Ultimate Guide to Getting Started in Digital Forensics & Incident Response (DFIR) | SANS Institute,” SANS White Paper, 2022. [Online]. Available: https://www.sans.org/white-papers/ultimate-guide-getting-started-digital-forensics-incident-response/. [Accessed: 16-Aug-2022].

Eurocontrol, Guidelines ASM Support Systems Interfaces EUROCONTROL Specification for SWIM Service Description. 2021.

D. Li and R. Zhang, “A framework to mitigate airliner risk in air traffic management,” 2016 IEEE Conf. Commun. Netw. Secur. CNS 2016, pp. 324–332, 2017, doi: 10.1109/CNS.2016.7860500.

A. Khrisna and Harlili, “Risk management framework with COBIT 5 and risk management framework for cloud computing integration,” Proc. - 2014 Int. Conf. Adv. Informatics Concept, Theory Appl. ICAICTA 2014, pp. 103–108, Jan. 2015, doi: 10.1109/ICAICTA.2014.7005923.

Richard Bejtlich, The Tao of network security monitoring: beyond intrusion detection. Boston: MA: Pearson Education, Inc, 2005.

SANS, “Incident Handler’s Handbook | SANS Institute,” 2011. [Online]. Available: https://www.sans.org/white-papers/33901/. [Accessed: 16-Aug-2022].

R. C. Newman, Computer Forensics: Evidence Collection and Management, 1st editio. Boca Raton,FL: Auerbach Publications, 2007.