Neither space policy nor cybersecurity policy is prepared for the challenges created by the meshing of space and cyberspace, especially for spacecraft. In the absence of formal policy and regulations, industry and government alike can begin to apply defenses at all segments within the space system to build a more robust security posture.
To mitigate risks, decisionmakers must ultimately determine what kinds of defense-in-depth principles to apply. Not all risks can be eliminated, and no decisionmaker has unlimited budget or enough personnel to combat all risks. However, decisionmakers, acquisition professionals, program managers, and system designers can consider certain key principles when acquiring or designing a cyber-resilient spacecraft.