Understanding cybersecurity challenges and obligations in the space sector
10th of October 2024, 16.00-17.00 CEST
As digital technologies have become increasingly embedded in society, the security threat of digital or cyber disruption has the potential to impact us all. The space sector is not spared. As strategic demands place a higher importance on space assets, and the global geopolitical context becomes increasingly volatile, the threat of cyber disruption becomes greater. Businesses, operating through the use of space assets, are hence at risk. But how severe is that risk and how can companies be protected against it?
Cybersecurity threats have an impact on all entities and infrastructure in the space ecosystem, whether spatial or ground infrastructure, upstream or downstream entities, and public or private sector. Given the critical nature of cybersecurity threats and their potentially wide-reaching impacts, the European Union has introduced several cybersecurity requirements through legislative and regulatory instruments such as the NIS 2 Directive and the EU Space Strategy for Security and Defence. It is also highly likely that security and resilience will be a key pillar of the future European Space Law.
The NIS 2 Directive expands on the responsibilities of essential service providers, including those in the EO sector, by enforcing stricter security standards, mandatory risk management, and incident reporting requirements. Whilst the NIS 2 obligations may only directly apply to a handful of entities, cybersecurity threats and cybersecurity obligations are relevant to all entities in the space sectors. Small and medium-sized enterprises (SMEs) and EO added-value service providers, for example, often face disproportionate risks from cybersecurity threats due to limited resources and awareness.
In these cases, third-party risk assessments and supply chain security-related risks are critical considerations for businesses of all sizes. Understanding these risks and their implications can help companies secure their infrastructure, safeguard data and ensure the continuity of their operations in the face of growing cyber threats.
In light of these risks and need for information exchange, EUSPA – the European Union Agency for the Space Programme – and the European Commission established the EU Space Information Sharing and Analysis Centre (EU Space ISAC). This initiative seeks to enhance collaboration and information sharing between public and private entities to protect space assets and ensure the security of critical space-based infrastructure. With many EARSC members already taking part, the EU Space ISAC serves as a network where companies, including those in the EO industry, can share cybersecurity information and best practices to defend against evolving threats.
Join our host Geoff Sawyer (EARSC Strategic Advisor and former Secretary General) and Monika Adamczyk (Cybersecurity Expert, ENISA) as they explore the main cybersecurity threats facing the space sector and EO companies, the key aspects of the existing and future regulatory environment. They will also be joined by Cédric Ia (Cyber and Risk Security Engineer, EUSPA) who will shed light on relevant information-sharing initiatives such as the EU Space ISAC.
Some questions that could be addressed during this EOcafe include:
- What is ENISA and what are its main activities?
- What are the main cybersecurity threats and vulnerabilities currently facing the space sector?
- How does the NIS 2 Directive impact the cybersecurity obligations of space companies?
- What is the EU Space ISAC initiative? And how does it promote collaboration and information-sharing to enhance cybersecurity in the space sector?
- How can EO service providers better protect their data and infrastructure from cyberattacks, particularly in the context of critical infrastructure?
- What role does risk management play in ensuring the resilience of the space sector’s supply chain, and how can EO companies develop effective risk mitigation strategies?
Registration: The webinar is open to all. Registration is free but compulsory.
Please note this is a virtual event!
EOcafe is part of a series of EARSC meetings that offer timely, relevant, and practical information on a broad variety of topics related to the EO sector. Join us every two weeks to discuss and network while enjoying a cup of coffee with friends.
IMPORTANT NOTES!!!
- The use of a video camera is not mandatory but is encouraged to facilitate better interaction between the attendees and the guest speaker(s).
- The EOcafe will stay open after 17:00 in case our guests want to continue the discussion.
- By registering for this event, you accept the terms and conditions (https://earsc.org/wp-content/uploads/2021/03/EARSC_Events_GDPR.pdf).
If you have any questions, and/or you want to know more about the EOcafe, and/or you want to share an idea about a future EOcafe, please contact Tanya Walker (tanya.walker@earsc.org).