Interplanetary exploration will rely on a complex supply-chain network from terrestrial/on-ground to low earth orbit onto the Moon, Mars and beyond. This new interplanetary supply chain will exploit the same emergent technologies that have given rise to the disruptive forces that mark our entrance to the 4th Industrial Revolution. Cloud, artificial intelligence, blockchain and additive manufacturing are already forming the core foundational components of the architectures that enable space technologies to be delivered and funded turnkey “as a service,” allowing for democratization of space and space data access, significantly lowering the barrier to entry. Bank of America expects the space industry to triple to a US$1.4 trillion market within a decade, forecasting the industry’s revenue growth by 230% – from about $4.2 billion in 2019 to about $1.4 trillion in 2030.
Yet, with all advancements, there is risk. The value of the digital and physical cargo to be transported is immense. Assets mined on planets and small bodies may be worth more than the total value of the Earth’s current economy. The intellectual property digitally transported across these complex supply chains will provide nations and companies with an incalculable competitive advantage. And the same architectures that support terrestrial-based digital supply chains will be just as exploitable as those in space.
In 2020, the US government published the policy directive, Cybersecurity Principles for Space Systems, that outlined five main principles:
- All space ecosystems should be designed and operated using risk-based, cybersecurity-informed engineering
- Space ecosystem owners should develop and implement cybersecurity plans that protect against unauthorized access to critical space vehicle functions, reduce the vulnerabilities of a space vehicle’s command, control, and telemetry receiver systems, protect and defend against communications-based attacks and anticipated threats during the entire mission lifetime, and manage the supply chain risks that affect cybersecurity of space systems
- Codify these principles through rules, regulations, and guidance to ensure enhancement of space system cybersecurity
- Collaborate with other space system owners to promote the development of best practices to the extent permitted by applicable law
- Security measures should be designed to be effective while enabling space system owners and operators to manage appropriate risk tolerances and minimize the undue burden
Information security and GRC professionals need to expand our knowledge and, quite frankly, imagination to include the applied sciences involved in space. We have to become more experienced in life safety systems. AI needs to be foundational to all cybersecurity and GRC professionals’ training as we will be working alongside thinking systems in harsh environments where there are microseconds between life or death.