Officials Consider Zero Trust Challenges for Satellite Cybersecurity
Infrastructure experts call for better public-private cooperation to tackle cybersecurity in the planet’s orbit.

Federal leaders are thinking about ways to confront growing threats to cybersecurity of critical infrastructure in Earth’s orbit, officials said at the 2024 Satellite Conference in Washington, D.C., last week.
Ronald Keen, senior advisor of space at the Cybersecurity and Infrastructure Security Agency’s National Risk Management Center (NRMC), said that “every single critical infrastructure sector that we have here in the homeland has direct and indirect dependencies on space-based assets.”
With satellites in space, ground stations on Earth and the actual distance that information travels in between, vulnerabilities exist on an attack surface that can sometimes cover over a third of the planet.
“The space community is maturing at a rate and growing at a rate where we need to really start thinking across the board how we implement for the entire system controls,” said Erin Miller, executive director of the Space Information Sharing and Analysis Center, about the Space Force’s Infrastructure Asset Pre-Approval Program (IA-Pre). The program lays out approximately 400 cybersecurity controls for commercial providers working with government.
“Some of the things that I’ve heard from industry members that are part of the space tech stack is that there are some challenges around how to implement it still — there’s a learning curve associated with it,” she added.
Keen noted that in a zero-trust architecture where everything needs to be validated, space-specific issues like latency can add wrinkles into conventional problems.
“Some of the things we found that they’re not insurmountable, but they are definitely challenges to zero-trust architecture,” Keen said. “One is cross-linking. The other thing is the intra-satellite communication, the handshaking at ground stations. Satellites, unless they’re geo-synced, don’t stay in one place at one time in the process of being handed off. So how does that handle if you’re doing zero trust architecture on handoffs between ground stations?”
As the space industry moves away from siloed applications toward mega constellations operating in low orbit, Keen said, the nation will encounter new complexities, threats and vulnerabilities. He noted that satellite infrastructure is still siloed and will need better collaboration between the private and public sectors to ascertain where the most pressing vulnerabilities are.
Miller said that true cybersecurity can only be achieved as part of a collective, as companies and single government agencies cannot defend themselves against the power and resources of adversarial nation-states’ cyberattacks.
“Despite that being the case these companies are willing to own it and their C-suite takes on the responsibility for security, it’s still a highly complex and dynamic environment. We have to treat it as ‘an attack against one is an attack against all’ and we have to be continuously sharing the best practices for how to manage the threat,” Miller said.
This is a carousel with manually rotating slides. Use Next and Previous buttons to navigate or jump to a slide with the slide dots
-
DOD Can No Longer Assume Superiority in Digital Warfare, Officials Warn
The DOD must make concerted efforts to address cyber vulnerabilities to maintain the tactical edge, military leaders said at HammerCon 2025.
4m read -
Tracking CIOs in Trump's Second Term
Stay informed on the latest shifts in federal technology leadership as new CIOs are appointed and President Trump's second term takes shape.
6m read -
Inside Oak Ridge National Lab’s Pioneer Approach to AI
Energy Department’s Oak Ridge National Lab transforms AI vulnerabilities into strategic opportunities for national defense.
22m listen -
AWS Summit: Innovation Accelerates IT Delivery at DOD
Marine Corps Community Services is tackling outdated IT processes with agile development and cutting-edge cloud security to deliver mission-critical capabilities faster.
12m watch -
AWS Summit: NIST Secures High-Performance Computing Against Evolving Threats
NIST’s Yang Guo reveals the broad attack surface of high-performance computing and explains developing guidance and future-proofing security strategies.
9m watch -
Trump Overhauls Federal Cybersecurity with New Executive Order
The new directive aims to strengthen digital defenses while rolling back "burdensome" software requirements and refocusing AI security.
3m read -
AWS Summit: Forging Successful Cloud Modernization Partnerships
Industry leaders share insights on the critical role industry partnerships have in enabling government agencies to navigate procurement challenges for cloud and zero trust solutions.
24m watch Partner Content -
CISA's CVE Program and Why it Matters for Zero Trust
The vulnerability program provides the cybersecurity community visibility into software as part of a key pillar of CISA's zero trust model.
5m read -
Air Force, Coast Guard Talk Data Security Efforts for AI Development
The services' AI initiatives include efforts like creating clean training data, countering data poisoning and bridging siloed teams.
4m read -
DHS Secretary Urges Congress to Reauthorize CISA 2015
Federal leaders highlight CISA 2015's role in strengthening public-private partnerships and defending against evolving cyber threats.
3m read -
Rep. Gerry Connolly Leaves Lasting Mark on Federal Tech
Connolly's leadership in Congress significantly advanced government IT, emphasizing accountability, efficiency and a robust cybersecurity posture.
4m read -
Agencies Use AI to Boost Efficiency, Cybersecurity Under White House Mandates
DLA and GAO are investigating how AI can boost efficiency and bolster cybersecurity as agencies align with the president's tech directives.
3m read