The Space Information Sharing and Analysis Center (ISAC) issued a statement in response to Space Policy Directive (SPD-5), released on Friday, September 4, 2020, by the Trump Administration, establishing a framework for cybersecurity best practices for space systems and “key cybersecurity principles to guide and serve as the foundation for America’s approach to the cyber protection of space systems.”
SPD-5 is an important recognition of the significant role cyber plays in space and ground for government and commercial space systems. The Space ISAC hopes this first step leads to thoughtful regulations and standards that build on these principles, many of which have already been implemented by our members. This will ultimately help manufacturers and operators plan for and develop robust cyber security defenses and maintain higher levels of readiness. SPD-5 and the cooperation between industry and governments worldwide it promotes are essential in today’s environment of ever-increasing threats to space systems. The Space ISAC welcomes SPD-5 as a step forward in security space systems and a continuation of the work that Space ISAC has already started.
Erin Miller, Vice President of Operations for Space ISAC, said “SPD-5 is aimed at the core of the Space ISAC’s vital mission to advance the exchange of information across a wide range of space-related cybersecurity issues and others. Space ISAC serves in a public-private partnership role that allows the space industry to inform the direction of space security standards, and we’re excited for our members to continuing collaborating with U.S. government agencies and international partners in this effort.”
Cooperation and collaboration are exactly why the Space ISAC was established. SPD-5 reinforces the coordination core value of the Space ISAC, furthering joint cybersecurity action specific to the space sector. The Space ISAC was created employing many of the same principles outlined in the SPD, for example, the Functional Areas and Analytic Working Groups (AWG) designed to address the threats identified in SPD-5.
The Space ISAC facilitates collaboration across the global space industry to enhance our ability to prepare for and respond to vulnerabilities, incidents, and threats; to disseminate timely and actionable information among member entities; and to serve as the primary communications channel for the space sector with respect to this information. This will be made possible through cooperation among a broad membership that spans the entire horizon of the space industry, including organizations large and small involved in the space supply chain, space missions, education and research, space business systems, cybersecurity, and more.
The Space ISAC’s first step in information sharing is the planned release of the Space ISAC’s first product — a daily space industry Media Analysis Report. This exciting new OSINT product focuses on current news affecting the space community globally. Highlighted main topics include Space, Intelligence, and Cyber news. From this initial report, the Space ISAC will generate additional products to propel cybersecurity awareness.
ISACs are sector-specific, member-driven organizations established by the commercial sector with support from the federal government to collect, analyze, and disseminate cyber and physical security threats and risk mitigation information to critical infrastructure owners, operators, and members to increase resiliency.
The Space ISAC is the only space-dedicated ISAC and is made possible through the investment by its board and founding members. Its board is comprised of leaders in the space industry, cybersecurity sectors, academia, and FFRDCs, and includes Kratos Defense & Security Solutions, Inc. (NASDAQ: KTOS), Booz Allen Hamilton (NYSE: BAH), MITRE, SES, Lockheed Martin (NYSE: LMT), Northrop Grumman (NYSE: NOC), Parsons Corporation (NYSE: PSN), Purdue University, the Space Dynamics Laboratory, the Johns Hopkins University Applied Physics Laboratory, the Aerospace Corporation, and the University of Colorado Colorado Springs. Each board member has a role in fulfilling the mission of the ISAC.
The need for a Space ISAC was conceived by the Science & Technology Partnership Forum in 2017 in response to recognized information sharing gaps within the cybersecurity and space community with the goal of enhancing the community’s ability to prepare for and respond to vulnerabilities, incidents, and threats; disseminate timely information; and serve as the primary communications channel for the sector with respect to this information. The Forum shared this vision at the 34th Space Symposium in April 2018. In September 2018, the White House published the White House’s National Cyber Strategy, which stated that “the Administration will enhance efforts to protect our space assets and support infrastructure from evolving cyber threats,” while working “with industry and international partners to strengthen the cyber resilience of existing and future space systems.”
The establishment of the Space ISAC was announced in April 2019 during a session at the 35th Space Symposium and is headquartered in Colorado Springs, CO, co-located with the National Cybersecurity Center (NCC). NCC serves as the executive, operational, and administrative function of the Space ISAC.