Space ISAC Stands Up Operational Watch Center to Respond to Threats in Real Time
Space ISAC is opening a physical Operational Watch Center to monitor, analyze, and respond to cyber threats to space systems in real time.
Analysts will support the Watch Center by monitoring data feeds, detecting threats, building incident reports, and sharing information. Up to 10 analysts will physically work in the Operational Watch Center, co-located at the National Cybersecurity Center in Colorado Springs, Colorado. It will operate 10 hours a day five days a week in its initial operating phase, with the goal of scaling up to 24/7 operations.
The center opened on March 19. Space ISAC leaders said in a Thursday press conference that the center will help the space industry respond holistically to cyber threats as they become more common, and as U.S. critical infrastructure is increasingly reliant on space systems.
This center will allow Space ISAC to work in real-time against threats, said Frank Backes, Space ISAC chairman and senior vice president of Kratos Space Federal.
“The Watch Center represents our ability to move into an operational state that allows us to work during a threat, as opposed to just analyzing the threat and coming out with mitigations over time,” Backes said. “The Watch Center allows us to work those issues in real time.”
Backes said opening this center has been a long-time goal of the Space ISAC. When the group first stood up in April 2019, it had the initial goal was to scale to an operational capability.
The center brings together manufacturing, launch, and ground station operators together for better information sharing, said Sam Visner, vice chair of the board of Space ISAC and tech fellow with The Aerospace Corp.
“Now those sectors can come together and share information. What we see from a threat perspective that affects one segment of the space sector, we will be able to pass to as many of the segments of the space sector as might be affected. This will speed up our response,” Visner said. “We’ll see threats faster, be able to analyze them faster, come up with a holistic perspective about those threats faster, and disseminate information faster. Our members will be able to take action faster than they would have in the past.”
Space ISAC routinely shares free alerts and advisories from members and partners with current adversary activity. Its members receive daily notices of cyber threats, incidents, and vulnerabilities to critical systems.
Space ISAC Executive Director Erin Miller said the center has a Microsoft Azure-hosted cloud architecture which will also allow members to remotely access the Watch Center. “This collaborative environment offers visualization of threat information, allowing us to rapidly detect, assess, and respond to vulnerabilities, incidents, and threats to commercial space systems,” Miller said.
Space ISAC is also launching a fellowship program with a 12-month training program for students, early career professionals, and transitioning military and government personnel to develop skills in cybersecurity and threat intelligence.
The operational center will help the industry get ahead of growing cyber threats to the national and critical space assets, said Sreenidhi Tummala, software engineering director for the DevSecOps organization at Lockheed Martin Space.
“Looking forward to future conflict, there’s little doubt that space assets are going to be targeted,” Tummala said. “We really believe the enhanced capabilities of the Watch Center will foster more information sharing among the industry, which then allows us to have greater awareness of the potential threats and allow us to coordinate a better united response to be able to address those attacks.”