Securing the Final Frontier: The Need for Public-Private Collaboration on Space Cybersecurity

Government and industry approaches to a new age of space innovation are converging more quickly today than ever before. Private companies are far outpacing governments in launching satellites into Low-Earth Orbit (LEO) – SpaceX alone is responsible for over 7,000. At the same time, the U.S. government is adopting commercial practices to field smaller, cheaper satellites faster. The U.S. Space Force Space Development Agency (SDA) is launching a satellite constellation designed for the warfighter that more closely resembles Starlink in size and reduced cost than the bulky, billion-dollar military space projects of the past.

In just a few decades, LEO has become a kaleidoscope of thousands of systems operated by a diversity of operators spanning governments, private industry, and academic institutions. The uses these space systems provide to the most sophisticated militaries, everyday citizens and everyone in between are just as varied, spanning real-time battlefield awareness to phone and internet connectivity on planes or in rural areas cell towers don’t reach.

The Hidden Cyber Threat Landscape

Threats – often from nation-state actors who seek to cause havoc by targeting space systems to disrupt the services they provide on Earth – are a common challenge to space operators and users. In the past year, media sources extensively covered existential threats to satellites like Russia’s apparent attempt to field a nuclear-capable space weapons program, a clear violation of long-established Outer Space Treaty commitments. While these and other weapons system developments are possible to monitor, other threats are much harder to see, and in this way much easier for threat actors like Russia and China to use.

Cyberattacks are one of the most persistent challenges facing government and industry, including space operators. Yet there is relatively little open-source data on their prevalence. As noted in the annual space threat assessment, cyber attackers’ motivations and objectives, as well as their very identities, are often opaque to the public. Despite these critical challenges, cyberattacks on space systems can be found in plain sight: the Associated Press recently reported a television satellite servicing Ukraine was hacked in May by Kremlin-affiliated hackers to broadcast Moscow’s Victory Day parade, demonstrating such attacks remain an ongoing tool of modern multi-domain warfare.

Collaboration Gaps Today

One of the biggest impediments to public-private collaboration on space cyber threats is information asymmetry: space industry largely does not have access to relevant cyber threat information that only government possess. A parallel challenge arises when governments may have more information on cyber threats to their systems, or that of a company, but are unable to share that information publicly for classification reasons. Within space industry, experts find that their own space and cyber missions are largely disconnected, with cybersecurity often considered an hinderance to a company’s core space mission.

Lessons and Outcomes from a Workshop Approach

For two years, I led the Biden White House’s efforts to coordinate across government agencies and space industry to understand cyber threats and develop policy solutions to protect space systems. I worked with partners to design a nation-wide workshop series where U.S. space companies – ranging from startups to large defense contractors and everything in between – could join my colleagues and me for candid discussions on the current state of the space cybersecurity landscape and identify ways the government could address urgent challenges.

We traveled across the country to meet with companies based in space industry hubs from Southern California to Coastal Florida. Through countless hours spent in conversations with over 125 U.S. and multinational firms, we gained crucial insights that directly influenced presidential policymaking.

Following the industry workshops, we summarized the insights and shared them with other departments and agencies. Based on the findings, all government offices responsible for space and cyber policy worked together to lay out minimum cybersecurity requirements for space systems that were ultimately included in President Biden’s final cybersecurity executive order, which the Trump Administration carried forward later in 2025. This experience demonstrated the power and critical importance of governments working with industry experts to design sound, technical policy and requirements.

The Path Ahead

Looking forward, the next generation of space cybersecurity leaders need not start from scratch. They can build on this approach and the many insights learned to make progress on protecting space systems from present and future cyber threats.

Governments cannot sit by and choose to ignore the hard work of actively engaging space industry, including by lowering classification levels or even de-classifying relevant threat information where possible. Industry cannot afford to fly blindly when it comes to understanding cyber threats or largely relegate cybersecurity to a second- or third-tier function within their organizations.

The small yet growing community of space cybersecurity experts – within and outside government – must take on the mantle of ensuring close collaboration on cyber threats. While useful forums like the Department of Homeland Security-convened cross-sector space working group have been paused by the current Administration, government and industry cannot afford to stop convening and communicating about important trends and threats.

In the near term, industry groups such as the Space Information Sharing and Analysis Center (Space ISAC) and national security-focused think tanks may need to fill the convening vacuum. A government venue and sponsor is ultimately less important than ensuring collaboration continue in the face of persistent threats.

As commercial and government approaches and physical assets become more deeply intertwined, protecting space assets from hidden cyber threats is more critical than ever. Only by working together on innovative public-private solutions can we sufficiently protect the space systems our modern world depends upon. VS

Lauryn Williams is the deputy director and senior fellow in the Strategic Technologies Program at the Center for Strategic and International Studies. Until January 2025, she was chief of staff to the assistant secretary of defense for industrial base policy within the Office of the Under Secretary of Defense for Acquisition and Sustainment. From 2022 to 2024, Lauryn was director for strategy in the White House Office of the National Cyber Director and led the strategic initiative on space system cybersecurity.