Space ISAC Prioritizing Cybersecurity To-Do List With Eye on November Launch
Crafting its to-do list for beefing up cybersecurity in commercial space, one Space Information Sharing and Analysis Center priority may be creating a space cybersecurity maturity model akin to a readiness rating for securing information, Space ISAC Vice President-Operations Erin Miller told us. The ISAC was unveiled this spring and hosted a GPS threats webinar in May. It aims to be fully operational next month at its first board meeting, Miller said.
Sign up for a free preview to unlock the rest of this article
Timely, relevant coverage of court proceedings and agency rulings involving tariffs, classification, valuation, origin and antidumping and countervailing duties. Each day, Trade Law Daily subscribers receive a daily headline email, in-depth PDF edition and access to all relevant documents via our trade law source document library and website.
Goals for 2020 include creating an information sharing portal, disseminating information to members about cybersecurity-related threats and vulnerabilities, and potentially holding an international summit in Europe next fall, Miller said. As a sharing ground for information, the Space ISAC could form subgroups to research issues, such as space cybersecurity policy recommendations, she said.
ISACs, comprised of private and public sector members and focused on protection of U.S. infrastructure, came from a Bill Clinton presidential directive. The Space ISAC grew out of the Science and Technology Partnership Forum that NASA, the Air Force and National Reconnaissance Office launched in 2015, with an S&T Partnership Forum study finding a need for a focus on space cybersecurity, Miller said. The agencies tapped Kratos Defense and Security Solutions to be the first board member and help launch it, she said.
The expected low earth orbit constellation boom raises cybersecurity questions and challenges such as satellites' command and control security and how dependent U.S. business infrastructure and critical infrastructure could become on them, said Sam Visner, director of the Mitre-managed National Cybersecurity Federally Funded Research and Development Center. Mitre is a founding board member of the Space ISAC. That cybersecurity work likely will grow to involve other space domains beyond LEO constellations, such as asteroid mining and commercial lunar mission companies, said Mitre Space Systems Director Scott Kordella.
ISACs generally don't get involved in lobbying, with their focus on technical issues and on industry and government cross-sharing of information, Visner said. Prioritizing potential cyberthreats is underway, and control of orbital dynamics and traffic management of mega constellations are "critically important," said Visner.
Miller said the Space ISAC is talking with prospective space community members about which potential cybersecurity threats and vulnerabilities are most pressing. "There are so many, we can't tackle them all," she said. The space cybersecurity maturity model could potentially resemble the cybersecurity maturity model DOD is considering for defense contractors, with cybersecurity systems rated more mature being able to handle wider types of information, she said. The Space ISAC also could look at cybersecurity of downlinks and uplinks, such as risks from lack of encryption, she said.