Welcome back to this new edition of Aerospace and Defense Review !!!✖
SEPTEMBER 2022AEROSPACEDEFENSEREVIEW.COM8In My OpinionBy John Fant, Vice President of Advanced Program Development, Lockheed Martin SpaceCybersecurity is a critical area to focus on as we look to our future in space.Cyberattacks are becoming more frequent, severe, and sophisticated. As we've seen in the news, no industry or government agency is immune to them. Cyber adversaries are continuously evolving their operations and techniques.These threats are challenging, but at a basic level, space security is focused on key segments within cyberspace, including satellites, their uplinks, downlinks, crosslinks, ground stations, and supply chains.To improve the overall security of these segments, industry can take these four actions:· Measure Cyber Strengths and Weaknesses: Industry needs to be able to measure the strength of cybersecurity and cyber resiliency for weapon, mission, and training systems. Knowing these strengths and weaknesses helps stakeholders prioritize risks and decide where to invest to establish risk-appropriate levels of cyber defense. When combined with model-based engineering practices supported by reference architectures that incorporate cyber concepts such as zero-trust, systems become much more secure.· Implement Robust DevSecOps: Programs need to implement rigorous Development, Security and Operations (DevSecOps) processes that focus on cybersecurity throughout a program's entire lifecycle, from early shaping all the way through production, operations and sustainment. The objective of DevSecOps is to build inherent cybersecurity into development and to foster the mindset that everyone, not just cybersecurity experts, are responsible for ensuring that all parts of the system, and the system as a whole, are built with security as a focus.· Utilize Cyber Ranges: Realistic mission environment simulations need to be created, including robust red and blue team capabilities, tests and procedures using the latest threat information. Digital Twins and Model Based Systems Engineering, when utilized in conjunction with cyber resiliency activities, greatly enhance the ability to perform higher fidelity cybersecurity testing on space assets. Mature cyber test and evaluation capabilities are critical tools for identifying and mitigating vulnerabilities in space systems before adversaries are able to identify or exploit any weaknesses.· Strengthen Supply Chains: To minimize the risk of malicious interference with sensitive data, software, and hardware components, supply chain channels must be assessed and managed. Additionally, subcontractors need to implement and continuously monitor the necessary security controls within their own environment. Space vehicles are built from components provided by a wide variety of suppliers, and the compromise of those components prior to the space vehicle or satellite ever ending up in orbit is a key concern in the modern threat landscape.How Lockheed Martin is tackling these challengesSpace is a key enabler that must be protected end-to-end. It's critically important to employ common risk- and engineering-based approaches to measure the cyber resiliency of any weapon, mission, and/or training system and to ensure that risk-appropriate mitigations are being considered throughout FUTURE OF SPACE SECURITY: WHAT THE INDUSTRY CAN DO TO IMPROVE CYBER RESILIENCYJohn Fant < Page 7 | Page 9 >
