Caelex for ground segment & data providers
NIS2 and cybersecurity, earth-station spectrum licensing, and data obligations for ground stations, TT&C providers, mission control, and EO-data distributors.
Caelex is the compliance workspace for the ground segment — ground stations, TT&C and mission-control services, and downstream data providers. Ground infrastructure sits squarely in the cybersecurity and critical-infrastructure regimes (NIS2 and national transpositions such as Germany's NIS2UmsuCG and KRITIS framework), requires earth-station spectrum licensing, and — for data providers — carries data-protection and export-control obligations.
Regimes you’ll interact with
NIS2 Directive →
Ground segment is a core space-sector entity under NIS2 — Essential/Important classification, 51 security requirements, and 24h/72h/1-month incident reporting to the national CSIRT.
National cybersecurity →
National transpositions and critical-infrastructure rules — e.g. Germany's NIS2UmsuCG (in force since December 2025) and the KRITIS framework, France's Loi Résilience, BSI technical guidance.
Spectrum / ITU →
Earth-station and gateway frequency licensing via the national regulator (BNetzA, ANFR, Ofcom, ILR) and the relevant ITU coordination.
Data protection & export →
For EO and signal-data providers: GDPR as applied to space data, plus export-control classification where imagery or signal products are dual-use sensitive.
Which Caelex products fit
Comply →
Continuous NIS2 posture, control mapping, incident-reporting workflow, spectrum-licence tracking, and authority correspondence in one workspace.
Sentinel →
Comply sub-system: on-premises evidence agents that hash-chain operational and security data for tamper-evident audit trails at the ground station.
How it works
1. Classify your entity
Caelex determines whether your ground-segment operation is an Essential or Important entity under NIS2 and the applicable national transposition, and derives the security-requirement set.
2. Map controls and licences
Map your security controls against the 51 NIS2 requirements and track your earth-station spectrum licences with the national regulator — gaps and renewals surfaced automatically.
3. Wire up incident reporting
Stand up the 24h / 72h / 1-month incident-reporting workflow to the national CSIRT, with the evidence and timeline captured the moment an incident is opened.
4. Prove it on demand
Sentinel hash-chains operational and security evidence so an audit or authority request is answered from a tamper-evident trail rather than a scramble.
Frequently asked questions
Does NIS2 apply to a ground station operator?
In most cases yes. The ground segment is part of the space sector that NIS2 brings into scope; Caelex classifies your entity as Essential or Important, maps your controls against the 51 requirements, and supports the incident-reporting workflow to the national CSIRT.
How does Caelex handle Germany's NIS2UmsuCG and KRITIS?
Caelex tracks the national transpositions, including Germany's NIS2UmsuCG (in force since December 2025) and the KRITIS critical-infrastructure framework, which explicitly treats space as a critical sector — mapping your obligations to the German regime, not just the EU directive.
Do you cover earth-station spectrum licensing?
Yes. Caelex tracks earth-station and gateway frequency licensing with the national regulator (BNetzA, ANFR, Ofcom, ILR) and the relevant ITU coordination alongside your cybersecurity obligations.
What about EO-data export and privacy obligations?
For data providers, Caelex covers GDPR as applied to space data and flags export-control classification where imagery or signal products are dual-use sensitive — so distribution decisions are made against the actual obligations.
Next step
Run the free compliance assessment or book a personalised demo.