The Satellite Industry Association (SIA) and Global VSAT Forum (GVF) – leading trade associations representing the satellite communications industry – have released a joint statement on the satellite industry’s commitment to cybersecurity, articulating core principles for cybersecurity and encouraging all segments of the satellite industry to continue efforts to address the dynamic challenge of cybersecurity.
The statement emphasizes the criticality of cybersecurity to the satellite industry’s core goal of providing mission critical, highly reliable, and secure connectivity. “The satellite industry has a long history of providing secure solutions to diverse global customers,” the associations said, “including military and government users, corporations of every size and type, the non-profit and scientific communities, and individual consumers.”
Drawing upon the industry’s experience, SIA and GVF have identified three principles that—although not intended to be a comprehensive roadmap or exhaustive list—should be at the center of private and government efforts to promote national and global cybersecurity:
Voluntary, industry-led efforts and public-private partnerships are the optimal way to address cybersecurity at the national or international levels.
Robust cybersecurity is aided by voluntary information sharing, free from fear of adverse consequences.
Satellite industry organizations should actively address cybersecurity using industry best practices for risk management.
The associations expand upon these principles in the statement, offering further details of how they might be implemented by companies throughout the satellite industry and through government efforts. In addition to articulating these core principles, the joint statement also details numerous initiatives within national governments, intergovernmental organizations, and international standards bodies evidencing the satellite industry’s foundational and long-standing commitment to cybersecurity.
The joint statement and core principles are a product of the important lessons for effective cybersecurity learned by SIA and GVF members. The associations stress that security and risk management should be part of an organization’s overall corporate culture. Organizations should, implement and maintain best practices to protect against evolving threats, including by leveraging industry-driven resources to inform their own development of voluntary, proactive, risk-based approaches to mitigate risks. Collaboration, not regulation, is the best way for organizations to manage cyber risks, the associations argue. Finally, voluntary information-sharing among the private sector, between the private sector and government, and between the private sector and end users is vital.