Skip to content

NASA Must Improve Spacecraft Cybersecurity, GAO Report Finds

Posted by: GuidePoint Security

< 1 min read

May 7, 2024 – Published on Security Boulevard

Houston, we may have a problem. NASA’s cybersecurity framework for spacecraft development is inconsistent and must be improved, according to a 34-page review by the U.S. Government Accountability Office (GAO).

The GAO report highlighted the need for mandatory cybersecurity updates throughout the space agency’s $83 billion space development project portfolio.

The U.S. government agency urged NASA to develop a plan with timeframes for policy updates. “NASA risks inconsistent implementation of cybersecurity controls and lacks assurance that spacecraft have a layered and comprehensive defense against attacks,” the report said.

While contracts for reviewed projects include cybersecurity requirements, the space system protection standard, NASA-STD-1006, approved in October 2019, provides limited guidance for cybersecurity.

“Cyber threats evolve rapidly as attackers constantly develop new techniques and tools to exploit vulnerabilities,” said Chris Warner, ICS/OT security strategist at GuidePoint Security. “With regular updates, security measures can be updated to defend against these new threats, such as AI.”

Read More HERE.

Categories: Governance, Risk & Compliance
Tags:cybersecurity

GuidePoint Security

US critical infrastructure cyberattack reporting rules inch closer to reality
March 28, 2024 – Published on The Register America’s long-awaited cyber attack reporting rules for critical infrastructure operators are inching closer […]
View Page

Related Articles

View All

  • Governance, Risk & Compliance
US critical infrastructure cyberattack reporting rules inch closer to reality
Read More < 1 min read
  • Cybersecurity
Another Cyberattack on Critical Infrastructure and the Outlook on Cyberwarfare
Read More < 1 min read
Governance, Risk & Compliance
Read More 3 min read