Monday, November 17
UnclassifiedThe opening keynote sets the tone for CyberSat 2025, bringing a front-line international perspective on space system cybersecurity. Captain Field serves as the Australian Defence Force Liaison Officer to United States Cyber Command, providing unique insight into how allied nations are collaborating to address cybersecurity threats to space assets and critical infrastructure.
As the DOD’s Chief Information Officer, Ms. Arrington oversees the defense enterprise’s most critical IT and space-based systems. In this keynote, she’ll bring a senior-level perspective on the intersection of cybersecurity, satellite communications, and national defense priorities, offering insight into the technologies, threats, and decisions shaping our most mission-critical systems.
Many space systems lack on-board threat detection capabilities, which are essential prerequisites for cyber resilience. This session outlines efforts by the DHS Science & Technology Directorate (S&T) to lower these implementation barriers through the development of prioritized threat indicators for the SPARTA framework, reference implementations of on-board detectors, and concepts for how these fit into a broader space cybersecurity ecosystem.
As the space domain becomes increasingly contested and strategically vital, the emergence of agentic AI — AI systems capable of autonomous decision-making and action — presents unparalleled opportunities and risks for national security and defense. This session brings together leading experts in national security, artificial intelligence, cybersecurity, military strategy, and space operations to explore how agentic AI is transforming security in orbit and beyond. Topics include the rise of AI-Native companies in cybersecurity, the evolving role of agentic AI in cyber defense, risk management, compliance, satellite operations, and space situational awareness, new vectors of vulnerability including potential AI-driven attacks on critical space infrastructure, and partnerships between government, defense contractors, and commercial innovators to secure the space domain.
The U.S. is ramping up its space ambitions by investing heavily in next-gen capabilities to secure strategic dominance. At the center is the Golden Dome project, which is reshaping the national space posture and accelerating defense innovation. However, in a contested domain, ambition isn’t enough. This session explores how rising cyber threats, shifting alliances, and intensifying competition with China are reshaping U.S. space strategy. We’ll examine the implications for private-sector partnerships, defense supply chains, and the broader industrial base under the new administration — inside a rapidly evolving space race.
Quantum entangled keys offer high levels of security based on the principles of quantum mechanics. The use of satellites mitigates the problem of scalability of key distribution over large distances across the globe, as free-space optical communication losses are significantly lower than in optical fibers. A suitably designed satellite constellation offers a solution to the issues of limited availability and rate of entangled key distribution for coverage of a specified list of ground stations. This work addresses the orbital design of an Entangled QKD satellite constellation considering specified networks of optical ground stations. Optimal orbits for night-time QKD is the objective, with the minimum secure key size between a pair of stations as the primary metric.
The focus of this presentation is a research project involving installing a software version of SNC’s Binary Armor cybersecurity solution onto an on-orbit technology demonstration satellite platform. The purpose was to determine methodologies for installing cybersecurity functionality onto already-extant satellites. The presentation describes the decision-making process for the implemented solution along with challenges encountered — such as hardware and software resource limitations and working within the constraints of integrating remotely into a system that cannot be drastically modified. Next, the methodology and results of the demonstration are described, including what data was observable and what insights were derived. Finally, the presentation discusses next steps and offers recommendations for technical and methods-based approaches for implementing cybersecurity on satellites, both those already on-orbit and those being designed with cybersecurity as part of core functionality.
Artificial intelligence is accelerating both sides of the cyber arms race. For adversaries, AI enables faster reconnaissance, adaptive attack patterns, and precision targeting of space-based infrastructure. For defenders, it offers real-time anomaly detection, automated response, and predictive threat modeling. This session examines how AI is transforming the tactics, timing, and scale of space-related cyber conflict — and what’s at stake if defense doesn’t keep pace.
As space robotics play a critical role in exploration, satellite servicing, and deep-space missions, they face unique cybersecurity challenges including hacking, jamming, and data breaches. This presentation examines space robotics and the rising cyber risks to these systems and explores strategies like encryption, secure communication, and AI-driven threat detection. By adopting a proactive, defense-in-depth approach, we can ensure the resilience and security of space robotics in an increasingly connected space environment.
This session is closed to press. Capt. David Vermillion presents findings from a Space Force-led effort to predict anomalies in spacecraft thrusters using an ensemble machine learning approach. The session walks through the satellite bus components involved, the data engineering and modeling techniques applied, and recommendations based on project outcomes. This is a real-world case study in applying machine learning to improve reliability and anticipate faults in operational space systems.
A lightning session presenting a quantitative methodology for measuring and improving operational resilience in space systems. This approach provides organizations with metrics-driven frameworks for assessing cyber resilience, prioritizing investment, and communicating risk posture to leadership in a defensible, data-driven way.
In collaboration with Final Frontier Security & SIXGEN. Space is limited to 50 participants. Registration required.
Who wants to hack and break some satellites? This workshop involves hands-on labs introducing participants to ground station and flight software, covering system functionality, vulnerability, and exploitation. Workshop lectures cover the complexities of space systems and their operations, as well as the impacts of malicious and defensive cyber activity within such architectures.
The cybersecurity posture of the space enterprise continues to evolve as its architecture modernizes and with the rapid commercialization of space solutions. The complexity of cybersecurity terminology, standards, and policies can lead to ambiguous and incomplete requirements for system design and acquisition. Recent advances in Large Language Model (LLM) technology provide a potential approach for performing tailoring in an automated fashion. This effort, done jointly with Aerospace Corp., aims to develop a framework to bridge the gap between cybersecurity requirements and space system design requirements. This presentation discusses the development of a comprehensive framework to align cybersecurity requirements with space system design, leveraging modern Generative AI technology and a modular approach to streamline the process and enhance the overall security posture of space systems.
Rafael is one of Israel’s largest defense companies. It is no secret that over the last few years, the company has had a target on its back due to the conflict in the region. It is also clear that hotspots like the Middle East provide a theater of learnings for space and defense companies, as space assets are getting targeted more and more, with conflicts becoming more multi-dimensional. In this exclusive fireside chat, Michael Bernat, Cyber CTO, Rafael Advanced Defense Systems, talks about what Rafael has seen over the last few years, what learnings it can share with the international space community, and how lessons learned in the Middle East can be applied on a global stage.
Germany is increasingly asserting itself as a leader in both the space and cybersecurity domains across Europe. This fireside chat explores how Germany’s Federal Office for Information Security (BSI) is shaping policy and technical standards for space system cybersecurity, its role in international frameworks, and how rising geopolitical pressures are accelerating investment and capability development across the European space enterprise.
Trusted computing principles are foundational to modern cybersecurity, but their application in satellite systems remains limited. This session explores how standards like the Trusted Platform Module (TPM) and CyRes from the Trusted Computing Group can help secure satellite systems throughout their lifecycle. Using examples from other industries and recent high-profile IT failures — like the CrowdStrike incident that disrupted critical services worldwide — the presentation highlights the role of hardware roots-of-trust in building secure software platforms and communication pathways for space-based infrastructure.
Operators are increasingly facing direct and destructive cyber campaigns. What kinds of attacks are being launched? What vulnerabilities are being exploited? This panel gathers space companies to share the incidents they’ve encountered, how they responded, and what lessons others need to know now. From command intrusion to signal disruption, the space sector is a live-fire zone. This provides a rare look at what’s actually happening and how the threat environment is escalating rapidly.
The closing keynote for Day 1 delivers a senior perspective from the National Reconnaissance Office on the state of space cybersecurity, emerging threats to national security space systems, and the strategic priorities shaping NRO’s approach to protecting U.S. space assets in an increasingly contested domain.
Tuesday, November 18
UnclassifiedNATO’s Head of the Space Section in the Defence Industry, Innovation and Armaments Division delivers a keynote on NATO’s evolving space security posture, interoperability among allied space systems, and how the alliance is addressing cybersecurity threats to space-based infrastructure in an era of great power competition.
As CISO for the Department of the Air Force, James “Aaron” Bishop plays a central role in shaping cybersecurity strategy across the Air Force and Space Force. With decades of experience spanning government, industry, and national security, Bishop brings a mission-first perspective to some of the most urgent cyber and defense challenges. In this keynote, he’ll share senior insights on securing critical systems and navigating the evolving threat landscape across air, space, and cyber domains.
In collaboration with SIXGEN & Aerospace Village. Space is limited to 50 participants. Registration required.
Join us for a collaborative choose-your-own-cybersecurity adventure in outer space. We will explore the full spectrum of cybersecurity decision making within the context of a realistic space system, its mission, and its threats. To SEIM, or not to SEIM on orbit? Should you bother threat hunting where no LAN has gone before? Patch the bird? Accept the risk? Pay the space pirate’s ransom?
As the demand for low-latency, high-volume processing grows, On-Orbit Data Centers (ODCs) offer a path to real-time analytics, fused intelligence, and edge autonomy. This session explores how ODCs support evolving mission needs while introducing new cybersecurity risks — from expanded attack surfaces to challenges in securing autonomous operations. Learn how operators are addressing these risks, and why on-orbit compute is central to the future of resilient and scalable space infrastructure.
When we suspect the compromise of a computer or simply want to repurpose it, we wipe the machine back to bare metal, re-install an Operating System, and then install the applications. Spacecraft have flight computers, so how do we do this safely with a satellite on orbit? Quick answer: we haven’t — until now. Using data and experiences from on-going flight tests on the CAPSTONE spacecraft at the Moon, this session covers NASA’s SW-Defined Satellite experimentation and how they took an existing commercial spacecraft and repurposed it to test out a variety of new concepts and applications from a distance of about 400,000 kilometers.
Winning space contracts today requires more than technical capability — it demands a strong compliance posture. From CMMC 2.0 and IA-PRE to tightening European regulations, space companies must navigate a complex and evolving landscape to work with defense and government customers. This session breaks down what’s required, where most companies fall short, and why compliance is now a critical part of space security. With government and defense customers tightening requirements, compliance isn’t paperwork — it’s a security posture.
Perimeter-based security is no longer sufficient for protecting modern space systems. This session explores how Zero Trust (ZT) principles — such as least privilege, continuous access validation, and data-centric protection — can be tailored to space environments that include distinct ground, space, link, launch, and user segments. With intermittent connectivity, legacy platforms, and mission-critical constraints, applying ZT without modification risks system fragility or operational failure. Drawing from NIST, CISA, and DOD frameworks, this talk outlines a segment-aware approach and presents draft guidance to help mission designers and cybersecurity planners adopt Zero Trust in ways that enhance resilience without compromising performance.
Inter-satellite links (ISLs) are key to unlocking space-to-space operations, but they also introduce complex cybersecurity and orchestration challenges. This session explores how Satlyt is building secure, decentralized edge computing across satellite networks using software-defined architecture, encrypted routing, and AI-driven anomaly detection. Learn from real-world implementation strategies — including delay-tolerant networking and auction-based resource allocation — that enable resilient, scalable, and monetizable in-orbit infrastructure.
As quantum computing advances, legacy encryption methods are becoming vulnerable. This session introduces practical approaches to deploying quantum-resistant protocols in proliferated satellite architectures. Drawing from commercial pilots and coalition exercises, the speaker will share implementation guidance for secure key exchange, constrained spacecraft integration, and cross-border interoperability. The discussion offers actionable insights for protecting future LEO constellations and sustaining deterrence through cryptographic resilience.
Cyber attacks on the satellite ground segment are both real and more common than one might expect. As more ground stations are pressed into extended service lives, the industry has created a target-rich environment. This session explores threats and techniques being leveraged against satellite systems, best practices to ensure that systems remain well protected, and long-term viewpoints to help ensure that industry, academia, and government work together effectively.
Recent executive orders have directed (EO 14144) and sustained (EO 14306) that space national security systems (NSS) need to strengthen cybersecurity measures to keep pace with emerging threats. The executive orders directed the Committee on National Security Systems (CNSS) to update policy for necessary space system cybersecurity measures. This talk provides an overview of the policy and instruction updates that will drive fundamental new capability implementation across space NSS, covering new cybersecurity capability needs across the space enterprise.
This session introduces the Quantum Augmented Network (QuANET) concept: near-term integration of quantum systems into communication channels as sensors, timing mechanisms, and information carriers. The presentation covers how quantum technologies can augment classical networks in the near term, enabling enhanced security, precision timing, and novel sensing capabilities while bridging the gap between current communications infrastructure and future full-quantum networks.
Alexis Bonnell, Head of AI Adoption and Deployment at OpenAI for Government, delivers a keynote on how AI is transforming government operations, national security, and the space enterprise. Drawing on her experience as former CIO of the Air Force Research Laboratory where she introduced the first large-scale LLM to the DOD, Bonnell shares practical insights on AI adoption, deployment challenges, and the implications of advanced AI for space cybersecurity.
A multinational crew is in cislunar space aboard an imperiled spacecraft, and you are part of the ground team responsible for guiding them to safety. Do you have what it takes to bring them home? This experience will challenge your ability to respond to an incident in cislunar space and choose a course of action that safeguards human life. You will be a critical decision maker in a fictional commercial space company faced with an unprecedented problem.
Throughout the exercise, participants will grapple with issues of coordination, uncertainty, and fractured trust — requiring innovative thinking and cross-sector collaboration. You’ll have the opportunity to explore emerging mission capabilities, including the use of quantum entangled networking as a secure channel for restoring trust and ensuring mission continuity. Work closely with your teammates, the Space ISAC Watch Center, and a dedicated government cell to chart a path forward and bring the crew home safely.
Hybrid constellations represent the future, but they bring layered complexity. As operators transition toward hybrid constellations encompassing LEO, MEO, and GEO, complexity and risk increase. This session examines how multi-orbit architectures impact cybersecurity — from vulnerable cross-link connections to unpredictable mesh behaviors. We’ll analyze the trade-offs between LEO-only and blended networks, emphasize where vulnerabilities arise, and investigate how government investment is accelerating the demand for secure, scalable design across orbits.
Detecting cyber threats before they reach software is key to protecting space systems. This session focuses on Radio Frequency Signal Anomaly Detection (RFAD) as a method for early warning. Using case studies and competition results from MIT’s Anomaly Detection Challenge, we’ll examine how RFAD algorithms operate under tight SWaP constraints and what industries like GNSS and IoT can teach us. Learn best practices for integrating RFAD into space architecture as a first layer of defense.
This session introduces a three-tier model for space collective defense, developed through engagements with Space-ISAC and US Space Forces Space (S4S). Topics include structuring Primary Intelligence Requirements, applying open-source detection engineering with roota.io, and instrumenting telemetry to map exposure. The approach connects intelligence priorities with practical implementation, offering a coordinated strategy for defending converged space platforms. Recommended for incident responders and cybersecurity teams seeking to operationalize collaborative defense.
Direct-to-device (D2D) is reshaping global communications by linking satellites directly to everyday devices, filling in crucial connectivity gaps in the world’s hardest-to-reach environments. As adoption accelerates, new challenges emerge as billions of devices connect directly to orbital assets. Understanding the cybersecurity dimensions of D2D is essential to building resilience, strengthening detection, and fostering trust. This session explores how D2D alters the threat model for space networks, real-world risks ranging from device-level vulnerabilities to large-scale exploitation, and the strategies being deployed across the ecosystem to safeguard users while enabling this transformative capability.
In this exclusive fireside chat, Senator James Lankford — Chair of the Senate Intelligence Committee — discusses the legislative priorities shaping U.S. space cybersecurity policy, the Intelligence Committee’s perspective on threats to space-based national security assets, and what Congress is doing to ensure the U.S. maintains its strategic advantage in the space domain.
Wednesday, November 19
🔒 Classified Program — TS/SCIThis classified session examines the intersection of Electromagnetic Spectrum Operations (EMSO) and space systems cybersecurity, exploring how adversaries exploit the electromagnetic spectrum to attack space systems and how EMSO capabilities can be integrated into a comprehensive cyber defense posture for space assets.
Magnetite is a secure embedded operating system built on formal methods foundations — mathematical techniques that provide provable security guarantees. This session presents the design philosophy, implementation, and testing of Magnetite, including how formal verification enables high-assurance security for resource-constrained space systems where traditional security approaches are insufficient.
This classified session from Sandia National Laboratories presents research and findings related to space system cybersecurity, offensive and defensive techniques, and vulnerability analysis relevant to national security space systems.
An interactive foresight session exploring multiple plausible futures for cybersecurity across the space enterprise. Participants engage in structured scenario planning to identify strategic threats, capability gaps, and priority investments needed to secure the space domain over the next decade.
Space ISAC and SIXGEN present the future of cybersecurity architectures for space systems — covering threat intelligence sharing, sector-wide defensive postures, and how the space community can collectively strengthen resilience through coordinated information sharing and collaborative defense strategies.
As processing moves to the space edge — whether on satellites, relay nodes, or in-space infrastructure — traditional cybersecurity paradigms must evolve. This session explores the cybersecurity challenges unique to space edge computing: resource-constrained hardware, limited update cycles, supply chain risks, and the need for autonomous security responses when ground contact is unavailable.
As commercial and government operations extend beyond geosynchronous orbit into cislunar space, the attack surface for adversarial cyber activity expands dramatically. This session examines the unique cybersecurity challenges of cislunar operations — including long communication delays, limited ground contact windows, and the convergence of space and cyber operations — and presents current research into protecting assets operating in the Earth-Moon system.
The third installment of this candid, senior-level classified discussion brings together key decision-makers from government and industry to speak frankly about the most pressing classified cyber challenges facing the space enterprise. The format encourages direct dialogue on topics that cannot be discussed in unclassified settings.
An overview of the National Reconnaissance Office’s Advanced Systems and Technology (AS&T) Space Cyber portfolio, covering current programs, research priorities, and how NRO is investing in next-generation cybersecurity capabilities to protect national space assets.
Thursday, November 20
🔒 Classified Program — TS/SCIThe National Reconnaissance Office presents an overview of its Space Cyber Program, covering the NRO’s approach to securing its satellite systems and ground infrastructure, cyber threat priorities, and how the agency is working with industry and interagency partners to advance space cybersecurity across the intelligence community.
Effective defense of space systems requires comprehensive detection capabilities spanning both ground and orbital segments. This session examines the current state of detection across the space system lifecycle — from ground control networks to on-orbit assets — identifying where visibility gaps exist, what capabilities are maturing, and why the maxim “no detection, no defense” is especially critical for space operators facing sophisticated adversaries.
This classified session examines the trajectory of offensive and defensive cyberwarfare operations affecting military space systems over the 2025–2030 period. Topics include adversary TTPs targeting space assets, the integration of cyber effects into multi-domain military operations, and how the Space Force and defense community are building cyber resilience into next-generation military space architectures.
The rapid proliferation of launch vehicles and the emergence of commercial launch as a critical national security enabler has introduced new cybersecurity challenges across the launch segment. This session examines cyber threats to launch infrastructure, vehicle integration networks, and range systems, and discusses how government and industry are collaborating to build cyber resilience into launch operations without compromising mission tempo.
AI is increasingly being deployed on-orbit for autonomous operations, anomaly detection, and mission planning. This session examines the security implications of AI-enabled space systems — including adversarial manipulation of AI models, the risks of autonomous decision-making in contested environments, and how the defense and commercial sectors are thinking about trustworthy AI for orbital platforms where human oversight is limited.
The National Geospatial-Intelligence Agency’s CISO presents the agency’s cybersecurity posture, priorities, and challenges in protecting geospatial intelligence systems and data. Topics include NGA’s approach to securing its space-based data collection infrastructure, risk management frameworks, and the cybersecurity workforce strategies supporting the agency’s mission.
Join Us at CyberSat 2026
Now in its 10th year — November 2–5, 2026 · Reston & Chantilly, VA
Register for 2026