The Space Information Sharing and Analysis Center, a U.S. industry-run nonprofit that helps commercial space operators share data about cyberattacks and other threats, is expanding to the U.K. and other American allies, aiming to build a global organization that will protect civilian space assets as geopolitical tensions and the dangers of extra-terrestrial war grow.
Set up five years ago in Colorado Springs, Space ISAC has a watch center where analysts from U.S. Space Command and ISAC member companies pore over real-time data feeds recording cyberattacks, space weather events, and other potential threats to satellites, and issue bulletins for members reporting imminent dangers and suggesting defensive measures.
”From the very beginning, given the global nature of space infrastructure, and the space environment, we anticipated that Space ISAC would be a global organization, with partners all over the world,” Sam Visner, chairman of the Space ISAC board of directors, told Air and Space Forces Magazine.
The move to the U.K. comes as the war in Ukraine, which opened with a cyber attack against the ground terminals of U.S. satellite operator Viasat, has provided repeated demonstrations of both the centrality of commercial space capabilities to modern warfare and their fragility.
The Space ISAC have agreements in place to expand to Australia as well, Visner said, mentioning the AUKUS framework, a trilateral security partnership between Australia, the U.K. and U.S. focused on defense technologies. Space ISAC is also looking to expand to Japan and possibly South Korea, he added, arguing that democracies have to work together in space.
“We are allies and partners because our relationships are founded on our values,” Visner said. “There’s a lot we can gain from working with allies and partners, and we think they gain a lot from us.”
The Space ISAC U.K. forum was established Oct. 10, Space ISAC Executive Director Erin Miller told Air and Space Forces Magazine.
“That’s the process, first we have a forum, and then we start getting analysts assigned [to work in the watch center] and establish a [U.K.] hub for the watch center,” she said. The time difference would help extend the center’s hours of operation without having to assign analysts to work overnight. “It’s a ‘follow the sun’ model,” she said.
In the U.S., the Space ISAC’s government partners assign analysts to work in the watch center, she said. It wasn’t clear whether that would also happen in the U.K., but there would be “bi-directional sharing” with government partners. She said that she expected U.K. members would be just as keen to assign analysts to their local watch center hub as their counterparts are in the U.S.
“Usually they’re eager to do it,” she said, adding the posting offers unique opportunities for analysts to learn new skills and grow their knowledge base. “There’s not very many places you can go, if any, to learn cybersecurity, space, and intelligence all at the same time,” she said.
One British executive, who wasn’t authorized to speak to the media, described the Space ISAC’s arrival in the U.K. as “the cavalry coming,” referencing the ISAC’s information-sharing portal and the other collaborative tools the organization offered.
“We need these [collective defense] capabilities,” the executive said.
The British military’s U.K. Space Command and its civilian counterpart, the U.K. Space Agency, through their National Space Operations Centre, provides bulletins for industry partners about space weather, space debris, and potential orbital conjunctions—where the orbital tracks of two different satellites come close enough that there’s the possibility of a collision. And the National Cyber Security Center, part of GCHQ, the British equivalent of the NSA, runs a Space Information Exchange which distributes a weekly email round up of relevant threat intelligence and cyber attack reporting. But executives say there’s no real time cyber warning service like the one Space ISAC offers available for the U.K. space sector.
“It comes down to resources. … The government spending on space is an order of magnitude smaller than in the U.S.,” said Kevin Jones, a former RAF aviator who now works for CGI, a multinational IT services and products vendor headquartered in Canada.
The U.S. government spent about $73 billion on space in 2023, according to Statista, out of a global spend by all governments worldwide of $117 billion. The UK government spent just $1.45 billion.
The effects of that trickle down into the private sector, Jones explained. “In the U.S., you have the big primes, the 800-pound gorillas. In the UK, the space sector is about 1,700 companies and most of them are small- and medium-sized businesses,” he said.
The resource issue isn’t just about money, Jones noted. “Another big difference between the UK and the U.S.o is that you have these federally funded research and development centers,” he said, referring to institutions like Mitre’s National Cybersecurity FFRDC and the Aerospace Corporation, both of which are members of the Space ISAC. “That independent advisory role is very important,” Jones said.
CGI’s U.K. Space Defence and Intelligence business unit, which provides secure ground systems for space operators including the U.K. Space Agency and U.K. Space Command, is one of the first sign-ups for Space ISAC’s U.K. forum.
“Obviously, we see the value in being able to contribute to and consume threat data whether it be about natural hazards or a man made cyber or electromagnetic attack against any of our systems in the space domain,” said Jones.
CGI is sending one of its analysts to study at the University of Colorado Colorado Springs campus, taking a new course to train space information systems security officers. It’s the only training program designed to combine cybersecurity and space expertise, he said. “It’s brand new and it’s very exciting,” he said.
The ISAC also represented a “fantastic opportunity” to learn more about the capabilities other companies were bringing to the table, said Jones. “The space sector is experiencing phenomenal growth. So keeping track of who is doing what in the sector, knowing who is bringing what to the party, that is a good value.”
Jones added that CGI’s experience demonstrated all three of those value propositions: “We’ve raised our collective defense, because we can understand, identify and mitigate threats and attacks. We’ve improved our intellectual capacity. We’ve improved our ability to network and talk,” he said.
Jones added that the expansion is not just timely, but badly needed.
“Space ISAC is an industry-paid for, industry-led vehicle. Industry is taking responsibility to get after this problem,” said Jones.