Space Cybersecurity Information Sharing Group Moves Forward

Space Cybersecurity Information Sharing Group Moves Forward

Private sector and academic institutions involved in commercial space activities are moving forward in establishing a mechanism to share information about cybersecurity threats to satellites and their ground systems.  The founding members of the Space Information Sharing and Analysis Center (Space ISAC) are meeting this week in Washington, DC to finalize the mechanics of the organization and meet with government stakeholders.

Space ISAC is the newest addition to the more than two dozen ISACs created since 1999 to facilitate information sharing across the private sector and with the federal government on cyber and physical threats to critical infrastructure.  Others include aviation, communications, electricity, financial services, health, information technology, national defense, surface transportation, water, and several in the energy sector.

Space systems are not formally designated as part of the nation’s critical infrastructure, but awareness is growing of how critical they are in everyday life, not to mention military operations since the majority of unclassified military communications are transmitted over commercial satellites.

The interagency Science & Technology Partnership Forum and the National Space Council urged creation of a Space ISAC.  Its establishment was announced at last year’s Space Symposium and the first Board meeting was in November.  It is a 501(c)(6) non-profit membership organization.

Frank Backes, Senior Vice President, Kratos Federal Space. Credit: Backes’ LinkedIn page.

The effort is spearheaded by Kratos Federal Space whose Senior Vice President, Frank Backes, chairs the Space ISAC Board.  In conjunction with the Board’s second meeting, he told reporters today that he has been working on this for over two years.  Other founding members include a cross-section of companies, universities and non-profits including Booz Allen Hamilton, Lockheed Martin, Parsons Corporation, SES, Purdue University, University of Colorado-Colorado Springs, Johns Hopkins University Applied Physics Lab, and MITRE’s National Cybersecurity Center.

The Space ISAC is creating an unclassified “sharing portal” where members can share information on threats.  The data will be anonymized to ensure companies do not inadvertently reveal their own vulnerabilities.  The key to success is getting a critical mass of members inputting data to the portal.  Backes said the initial goal is 50 members, expanding to perhaps 200, from across the space sector — launch, satellite and ground system operators and manufacturers, payload designers, system integrators, and others. Members must pay between $10,000 and $50,000 a year, but he said the Board is looking at ways for smaller companies to participate if they cannot afford those rates.

Membership is intended to be global.  Luxembourg-based satellite operator SES is a founding board member, for example. There are limits, however.  Entities in countries identified by the U.S. government as adversaries will not be permitted to join.

He expects the portal to achieve initial operational capability late this spring.  It will be physically located at the National Cybersecurity Center (NCC) in Colorado Springs. Once operational,  a space systems vulnerability laboratory will be established “where analysts from the NCC and Space ISAC members can collaborate and gain expertise in protecting space systems,” Backes said.

Information on threats shared through the portal will be disseminated within the Space ISAC’s membership.

The Space ISAC Board will holds its first industry-government interchange forum tomorrow.  A Space ISAC brochure identifies NASA, NOAA, the National Reconnaissance Office (NRO), the National Security Agency (NSA), the Naval Research Laboratory (NRL), Air Force Space Command (now Space Force), and the Office of the Secretary of Defense (OSD) as “advisors.”  The meeting tomorrow will include the National Security Council, National Space Council, Department of Homeland Security (DHS), DOD, Department of Commerce, and the Department of State among others.  Backes said DHS, DOD and NRO are the three most important government stakeholders to engage with since they have the most information to share with the private sector.

Space ISAC will be represented at a number of conferences throughout the year as it spreads the word and grows its membership.  They include Satellite 2020 in Washington, DC (March 10-12), the Space Symposium in Colorado Springs (March 30-April 2), the Cyber Symposium in Aurora, CO  (June 15-16), the Small Satellite conference in Logan, Utah (August 1-6), and SpaceTechExpo in Bremen, Germany (November 17-19).

User Comments has the right (but not the obligation) to monitor the comments and to remove any materials it deems inappropriate.  We do not post comments that include links to other websites since we have no control over that content nor can we verify the security of such links.