NASA Urged to Incorporate Cybersecurity Best Practices Into Spacecraft Acquisition Policies

The Government Accountability Office has recommended that NASA develop a plan to incorporate cybersecurity principles and best practices into its spacecraft acquisition policies and standards to ensure that its space vehicles can defend against advanced cybersecurity threats.

GAO found that while NASA has established cybersecurity requirements for its programs, it has yet to implement mandatory cyber rules for the acquisition of spacecraft and other systems.

In 2023, NASA issued a best practices guide on cybersecurity principles and controls and potential cyberthreat mitigation strategies but its implementation is optional for spacecraft programs.

GAO warned that without consistent implementation of cybersecurity controls, NASA lacks assurance that its spacecraft programs “have a layered and comprehensive defense against attacks.”

To address this concern, GAO recommended that NASA create an implementation plan with time frames to incorporate essential security controls into its spacecraft acquisition policies.

Join the Potomac Officers Club’s 2024 Cyber Summit on June 6 to hear from government and industry experts about the dynamic and ever-evolving role of cyber in the public sector. Register here!

ExecutiveGov, published by Executive Mosaic, is a site dedicated to the news and headlines in the federal government. ExecutiveGov serves as a news source for the hot topics and issues facing federal government departments and agencies such as Gov 2.0, cybersecurity policy, health IT, green IT and national security. We also aim to spotlight various federal government employees and interview key government executives whose impact resonates beyond their agency.