Satellite associations upgrade high-level cyber policy guidelines to reinforce supply-chain security

The associations include the EMEA Satellite Operators Association (ESOA), the Global VSAT Forum (GVF), and the Satellite Industry Association (SIA).

“Providing supply-chain security has always been of paramount importance to the satellite industry’s delivery of communications for all users, whether they are military and government, corporations, the non-profit and scientific communities, or individual consumers,” the associations said. “But it is imperative that we continue to evolve our strategies.”

Core to the satellite industry’s latest cyber and supply-chain security guidance is that voluntary, industry-led efforts and public-private partnerships be accompanied by voluntary information sharing and that satellite industry organizations should actively address cyber and supply-chain security using best practices for risk management.

Public and Private Sector Collaboration

The satellite industry cyber and supply-chain security initiative builds upon extensive collaboration not only with the private sector, but also with national administrations throughout the world.

Recently leading members of the associations have supported the U.S. Federal Communications Commission’s (FCC’s) Security, Reliability, and Interoperability Council IV Working Group 4 (CSRIC IV WG 4) on Cybersecurity Risk Management and Best Practices. The satellite segment created a prioritized adaptation of the United States National Institute of Standards and Technology’s (NIST) Framework for Improving Critical Infrastructure Cybersecurity (Cybersecurity Framework), emphasizing the importance of organizations’ risk management using flexible measures that are self-reinforcing, tailored to networks’ unique needs, and that build upon international standards.

This builds on the International Telecommunication Union (ITU) leadership of cyber-security initiatives that inform much of today’s cyber and supply-chain security dialogue, and a myriad of other national governments and regional groups that have taken important steps to promote dialogue and development of best practices.

Members of ESOA, SIA and GVF are participating in various cyber and supply-chain security efforts with government agencies, industry working groups, and other international standards bodies. In particular, programs emphasizing the protection of critical infrastructure and promoting the sharing of threat information reduce overall cyber-security risk today, and will continue to do so in the future.

The three industry associations are currently reaching out to all governments to share best practices and lessons learned for effective cyber and supply-chain security. Likewise, as security must be part of an organization’s overall corporate culture, the associations’ members are continuously implementing best practices to protect against evolving threats.

ESOA, GVF and SIA collectively believe that collaboration, not regulation, is the best way for organizations to manage cyber risks. Voluntary information-sharing among the private sector, between the private sector and government, and between the private sector and end users is vital.

About ESOA

ESOA is a non-profit membership organisation dedicated to serving and promoting the common interests of satellite operators from Europe, the Middle East, Africa, and the CIS. The Association today represents the interests of satellite operators who deliver information communication services across the globe. Together ESOA Members provide invaluable communications services to the whole world, including live broadcasting, emergency communications, maritime and aero communications, secure services for governments, 24/7 monitoring of industrial processes such as energy plants, weather forecasting and a whole range of other communications services.