August 9, 2022
ALEXANDRIA, Va. (Kratos/Constellations) — After years in development, the U.S. Space Force has launched the Infrastructure Asset Pre-Approval Program (IA-Pre), establishing new cybersecurity requirements for commercial satellite communications providers working with the U.S. military.
The Commercial Satellite Communications Office (CSCO), a branch of Space Force’s acquisition arm, Space Systems Command, is running the program, which was developed to mitigate cybersecurity risks to Department of Defense missions relying on commercial satellite communication (COMSATCOM).
In the near term, only a few dozen commercial satcom providers will be affected by IA-Pre. Those with existing DoD contracts will have a little over three years to achieve full compliance with the new, high-impact baseline controls and get their products or services on CSCO’s Approved Products. In the future, all COMSATCOM solutions used by the military will go through IA-Pre’s rigorous process of evaluation, security control implementation and evaluation by a qualified third-party assessor.
Cole French is an information security professional with Kratos Defense & Security Solutions, which is on the list of CSCO-approved IA-Pre assessors. He noted that because IA-Pre is an asset-based evaluation, satcom operators will likely find it less onerous than programs like the Cybersecurity Maturity Model Certification (CMMC), which applies at the organizational level.
“Adding security to products can certainly be difficult, but not as difficult as layering security into an organization,” French noted. “I think it will be a little easier for people to get up to speed. As the process builds out and people understand it better, a lot more products will be able to be approved.”
Read the full article: https://www.kratosdefense.com/constellations/articles/ia-pre-rollout-begins-are-satcom-providers-ready
