Introduction to
Cybersecurity for Commercial Satellite Operations: 2nd Draft of NISTIR 8270 is
Available for Comment
Space operations are vital to advancing the security, economic
prosperity, and scientific knowledge of the Nation. However, cyber-related
threats to space assets and their supporting infrastructure pose increasing
risks to the economic promise of emerging markets in space. This second draft of NISTIR 8270, Introduction to
Cybersecurity for Commercial Satellite Operations,
presents a specific method for applying the Cybersecurity Framework (CSF) to
commercial space business and describes an abstracted set of cybersecurity
outcomes, requirements, and suggested controls.
The draft also:
- Clarifies scope with an
emphasis on the satellite itself, - Updates examples for clarity,
- Adds more detailed steps for
developing a current and target profile and risk analysis, and - Provides references for
relevant regulations around commercial space.
Reviewers are asked to provide feedback on additional threat
models that might help in the development of organization profiles, informative
references on the application of security controls to satellites, and standards
or informative references that might benefit all readers.
The
public comment period is open through April 8, 2022. See the publication
details for a copy of the draft and instructions for submitting
comments