WASHINGTON — A space industry organization created to share intelligence on cyber threats is holding its first meeting this week with representatives from government agencies to discuss cybersecurity concerns across the national security, civil and commercial space sectors.
The Space Information Sharing and Analysis Center, or Space ISAC, was formally established in April 2019 as a 501(c)(6) nonprofit organization. It plans to start operations this spring with the launch of an unclassified portal where companies can share and analyze cybersecurity information.
ISACs have been around since the 1990s in industries such as aviation, financial services and energy. They were created to collect, analyze and disseminate information about security threats that affect specific sectors.
Officials from several government agencies and the National Space Council two years ago suggested there should be a space-focused ISAC because of the importance of space as critical infrastructure, said Frank Backes, chairman of the board for the Space ISAC and senior vice president of Kratos. The company was the founding member of the Space ISAC. Ten other companies have joined as founding members. Some don’t want their identities disclosed. Universities also are represented in the Space ISAC. Founding members include Booz Allen Hamilton, SES, Lockheed Martin, MITRE and Parsons Corp.
During a meeting with reporters Jan. 23, ISAC board members said their goal is to help companies and government agencies prepare and respond to cyber incidents, and disseminate intelligence among member firms. Backes said the data sharing and analysis portal will be up and running in late spring. Once the portal is in operation, the Space ISAC will work to recruit and vet potential members. The goal is to sign up as many as 200 companies from the commercial, civil and national security space sectors.
Platinum membership costs $50,000 a year, gold $25,000 and silver $10,000. Lower priced memberships will be considered for startups and small businesses. Board members said they do not want the ISAC to become a pay-to-play organization.
The National Cybersecurity Center in Colorado Springs will be the physical location and operational arm for the Space ISAC. In addition to the sharing portal, the ISAC will set up a “space systems vulnerability laboratory” for NCC analysts and ISAC members, said Backes. The NCC is a nonprofit that has received $10 million in investments, he said.
There is growing urgency to bring in commercial space companies into the ISAC as massive new constellations get built, said Sam Visner, director of the National Cybersecurity Federally Funded R&D Center at the MITRE Corp.
“We’re seeing the expansion in commercial space and proliferated LEO [low Earth orbit] systems,” said Visner. “Given the unprecedented numbers of platforms in these new constellations” there has to be a serious discussion about the potential cyber vulnerabilities, he added.
Andre McGregor, a board member of the National Cybersecurity Center, said one of the important functions of the Space ISAC is to create single point of contact for government agencies to reach the private sector during a cybersecurity event.
“The government doesn’t have companies on speed dial,” said McGregor. The ISAC can be that link for the government to the private sector. “It’s up to the ISAC to decide how to disseminate information,” he said.
The Space ISAC board members on Jan. 24 are meeting with representatives from the National Security Council, the National Space Council, the Department of Homeland Security, the Department of Defense, the Department of Commerce and the Department of State.
On June 15 and 16, the Space ISAC will hold its first summit at the Cyber Symposium in Denver.