By Ron Faith, Chief Operating Officer
As space has become a contested domain and much of the value of space is in the data, the cybersecurity of ground station systems has become of critical importance. With the increase in the number of small satellites in low earth orbit and a global network of ground stations needed to provide low latency for data getting between low earth orbit and end users, the threat surface for cyberattacks has grown significantly.
At RBC Signals, we take cybersecurity very seriously as should all providers of ground systems for government and commercial customers. The first step in a good cybersecurity strategy is having a risk management framework (RMF) to determine what assets are most attractive to adversaries and how they should be protected. This means taking into account physical and virtual assets and the cost associated with the bad guys getting access to those assets. What data do you have in transit (e.g. command and control communications, earth observation data being transferred, live monitoring information) and what data do you have at rest (e.g. databases with satellite information, data being stored, secure APIs)? How is this data encrypted, stored securely, and how are your encryption keys being managed?
Fortunately, there are standards that can be followed that provide a roadmap to a base secure environment. The current framework for cybersecurity comes from the National Institute of Standards and Technologies (NIST), specifically listed in NIST 800-171. A new audit framework called Cybersecurity Maturity Model Certification (CMMC) for ensuring NIST 800-171 compliance is in the process of being created and expected to be rolled out by the end of 2020. The CMMC will have different levels of security maturity. Cybersecurity maturity levels will range from 1 through 5, with 3 being the base desired level and 5 being the most rigorous.
We believe the entire space industry must evolve to meet modern and future cybersecurity threats that will continue to allow the valuable data generated in space to be used for its intended purpose and not used for any unintended purposes. While frameworks listed above provide current guidance on cybersecurity, it’s important to monitor for any recommended changes on a regular basis. Security operations should be a continuous effort since threat actors release new attack tools on a daily basis. Using a risk model to assess the strength of existing controls against these evolving threats can address most potential security vulnerabilities. In the event that a security breach does occur, having established procedures to respond rapidly and effectively is critical. We are entering a brave new frontier and as with any new frontier, steps need to be taken to secure our collective futures. Remember, security is a lifestyle, not a point in time feature.