Cybersecurity
Cybersecurity Assessment
A systematic evaluation of a space system's security posture against cyber threats, required under NIS2 and EU Space Act.
Cybersecurity assessment evaluates the security of space systems against cyber threats, a mandatory requirement under both NIS2 Directive and EU Space Act provisions.
Assessment Scope
- Ground segment (mission control, data centers)
- Space segment (spacecraft, payloads)
- User segment (terminals, applications)
- Link segment (communications)
- Supply chain (components, software)
Framework Alignment Assessments typically align with:
- NIS2 Article 21 measures
- NIST Cybersecurity Framework
- ISO 27001
- ECSS-E-ST-80C (space-specific)
Key Evaluation Areas
- Risk management processes
- Incident detection and response
- Access control and authentication
- Encryption and key management
- Supply chain security
- Physical security
- Business continuity
Reporting Requirements
- Self-assessment documentation
- Third-party audit (for essential entities)
- Continuous monitoring evidence
- Incident history and lessons learned
Frequency
- Initial assessment before authorization
- Periodic reassessment (typically annual)
- Triggered reassessment after significant changes