WASHINGTON In one of the final space-focused acts of the Biden administration, an executive order has been issued that mandates comprehensive cybersecurity reviews for ground systems and contract requirements of civil space systems. This order, released by the White House on January 16, 2025, is a significant step in addressing growing concerns about cybersecurity risks affecting space systems.
The provisions of the executive order are part of a larger effort to bolster national cybersecurity. These initiatives encompass a range of actions, from enhancing sanctions against cyber attackers to utilizing artificial intelligence (AI) and post-quantum cryptography to safeguard critical infrastructure. One of the key areas of focus within the executive order is the increasing threat posed to space systems.
The White House highlighted that “Cybersecurity threats to space systems have risen dramatically, threatening global critical infrastructure and communications,” underscoring the severe consequences that could result from a disruption of space systems. Such disruptions could not only halt global commerce but also jeopardize national security.
A critical section of the executive order addresses the cybersecurity of ground systems utilized by civilian government agencies. Under this directive, the National Cyber Director is tasked with reviewing these systems and making recommendations to enhance their cyber defenses. The review report is expected to be submitted to the Office of Management and Budget (OMB) within 120 days of the order’s enactment. Once the report is received, OMB has an additional 90 days to take necessary steps to ensure compliance with the updated cybersecurity requirements.
The executive order also directs a review of contracting requirements for civil government space systems. Specifically, NASA, the Department of Commerce, and the Department of the Interior are required to assess and propose updates to the Federal Acquisition Regulations (FAR) within the next 180 days. These proposed updates will focus on incorporating cybersecurity standards into the contracts for civil space systems, adopting a risk-based, tiered approach for new systems.
The scope of these cybersecurity requirements will extend to protecting the command and control of space systems, detecting and responding to anomalous activities, and ensuring secure software and hardware development practices. These steps are designed to safeguard the on-orbit and link segments of civil space systems.
Following the review, the Federal Acquisition Regulatory Council, responsible for overseeing FAR, will have 180 days to take appropriate action based on the recommendations. This includes modifying the regulations in a way that aligns with applicable laws and enhances the security of civil space systems.
The executive order builds upon previous initiatives to strengthen the cybersecurity of space systems. Notably, the Trump administration’s Space Policy Directive 5 (2020) outlined best practices for securing space systems, while the Biden administration’s March 2023 National Cybersecurity Strategy also focused on enhancing the resilience of U.S. space systems by formally implementing these best practices.
This executive order represents the Biden administration’s final action on space policy, largely carrying forward the efforts of previous administrations in shaping space policy and cybersecurity. One notable area of contention, however, was the unsuccessful push for creating a “mission authorization” system to oversee emerging commercial space activities. Despite these setbacks, the administration expanded the role of federal agencies within the National Space Council, although its activities were criticized for lacking the vigor seen during the Trump administration.
Looking ahead, it remains uncertain whether the second Trump administration, should it emerge, will continue the council’s work. Nevertheless, the cybersecurity initiatives outlined in this executive order are poised to play a crucial role in securing the future of civil space systems in the face of escalating cyber threats.
Image Caption: Executive Order on Cybersecurity Strengthens Space Systems Protection
Image Alt: A graphic showing the White House executive order on cybersecurity for civil space systems.
