DoD CIO Urges Vendors to Ensure Commercial Satellite Systems are Cyber Secure
ST. LOUIS — As commercial companies increasingly put more computing power on their satellites and related systems, there needs to be a commitment by industry and users to bolster the cybersecurity of these technologies, the Defense Department’s top information officer said on Wednesday.
“Let’s have cybersecurity on those capabilities, whether it’s on the downlink, whether it’s on the transect between satellites and relays or wherever it is, we must apply cybersecurity principles to what we’re doing on space,” John Sherman, DoD CIO, said at the GEOINT 2023 Symposium here.
Sherman highlighted the DoD’s march toward implementing a zero-trust cybersecurity framework by 2027. A zero-trust approach to information security assumes that an adversary has already compromised network but the network is architected to prevent a bad actor from moving laterally to pilfer and exfiltrate data.
Highlighting that China is the pacing challenge in U.S. national security, Sherman said his office’s top responsibility is to ensure that U.S. and allied forces can operate and survive in the Western Pacific and the ultimate goal being to deter China from ever believing it can attack Taiwan, the U.S. or its allies.
An important lesson for DoD from the ongoing war in Ukraine has been that country’s used of a 300,000-person strong software army, “writing and updating software on the fly” and demonstration the ability to quickly adapt, he said.
The lesson for DoD and its allies is that “Hardware is important but if we don’t live in a software-defined world, we’re going to be behind,” Sherman said.