Space Policy Directive 5 — What You Need to Know

Earlier this month, the Trump administration released its Space Policy Directive 5. The directive was designed to help the space industry protect itself (and its vehicles) from cyber threats. Yes, you read that right, cyber threats in space are, in fact, a real thing. The goal of SPD5 is for government and commercial space industry companies which create space vehicles to have protections in place, like encryption software, when designing, building and operating said vehicles.

According to The Verge, “Senior administration officials, speaking on background, claimed that focusing on cybersecurity in space is key right now, as there are growing threats to space hardware from foreign adversaries. “These threats are diverse and complex, and robust public-private cooperation to enhance the security and resilience of an infrastructure is key to our efforts,” one official said.”

Details of the threats mentioned were not given, but cybersecurity principles are apparently important. The Defense Department recently reported on China’s growing space program and how the country is developing weapons like satellite jammers. SPD5 provides guidelines for companies which launch satellites and other vehicles into space. It is suggested that companies stick to these guidelines, as well as various software programs to ensure data encryption. Companies are also encouraged to use trusted supply chains and provide oversight for the safety of their ground systems, as well as protecting against jamming and spoofing of satellites.

“Sometimes the jamming can be fairly crude; other cases, some of the spoofing can be fairly sophisticated if somebody’s trying to get on board,” one official said. “So there’s a whole range of things that you need to look at kind of end-to-end.”

The biggest takeaway from Space Policy Directive 5, though, is that is says government agencies should work with commercial companies to determine cybersecurity best practices. Many companies already have strategies implemented around these areas, so the government doesn’t want to implement top-down requirements. Instead, they want to work with those companies to ensure everyone is on the same page.

If your company is part of the space industry or its supply chain, it is imperative that you read this directive and communicate fully with other parties on the subject. Transparency within the industry is a huge piece of the puzzle in protecting U.S. assets and information from nation states like China. The space industry has been around for decades, but there has never been a more important time for space exploration than right now. Elon Musk’s SpaceX mission success with the Falcon shuttle is evidence that the U.S. is back in the space game.

As humans dive deeper into the space race, looking to find other habitable planets, exploring our solar system and seeking ways to transport civilians into space, the need for global regulations is fast approaching. It starts with individual countries, however, so what we are seeing is only the beginning. If your company is part of the space industry, whether it’s part of the supply chain or something else, you must ensure your private and proprietary information remains protected. Follow the directive, talk with other companies and see what is being implemented across the board, ensure data is encrypted and information isn’t exposed. What you do today has a massive impact on whether or not your business will survive tomorrow.

Originally published at https://www.pwvconsultants.com on September 22, 2020.