Cybersecurity in the space sector is a topic increasingly discussed and recognized as central. For instance, the UK Space Industry Regulations 2021  expressly addresses cybersecurity, whilst in the United States Space Policy Directive-5 had already established a set of cybersecurity principles for space systems.

In the EU, alongside the EU’s Cybersecurity Strategy, two new proposals (one for cybersecurity – NIS 2 Directive – and another for resilience of critical entities – CER Directive) were issued at the end of 2020, which will apply, for the first time, to the space sector, to “operators of ground-based infrastructure, owned, managed and operated by member states or by private parties, that support the provision of space-based services[…]” The proposals bring extremely demanding obligations for in-scope stakeholders and substantial consequences in case of breach.

What is more, a revision of the Radio-equipment Directive (RED) aimed at strengthening the cybersecurity of wireless devices and products was approved, whilst a Cyber Resilience Act setting common cybersecurity standards for connected devices is expected in 2022.