Airports are in a competitive environment, seeking to enhance their appeal, improve their customer experience and innovate with digital transformation. Safety and security remain paramount and have converged, with cyber security becoming an increasing and enduring focus, given the increasing number of high-profile incidents and new regulation. The introduction of the European Network and Information Systems (NIS) Directive underlines the necessity for airports to actively manage cyber security risk to maintain services and ensure their rapid restoration in the event of a cyber security incident. Both airports and regulators have recognised the importance of managing critical supply chain risk is a collaborative responsibility, achieved with trusted partners to maintain cyber resilience.