Space Force awards contract to protect space systems, data with zero-trust approach
Space Systems Command, the Space Force’s acquisition arm, has awarded cybersecurity company Xage Security a $17 million contract to strengthen the service’s defenses against cyberattacks with zero-trust access control and data protection.
The contract comes as the Space Force looks to collaborate more with a burgeoning commercial space industry, as well as international allies and partners. And while these efforts offer the service more flexibility in the space domain, Xage Security CEO Geoffrey Mattson noted that it also increases the surface area an adversary can use to launch an attack — which calls for greater cybersecurity protection of space systems.
“Both of these things require that they have a solution where they’re able to secure this entire chain, from the satellite to the base station to the network to the data itself,” Mattson said in an interview with DefenseScoop.
Per the contract, the Space Force will deploy the company’s Xage Fabric — an identity-based cybersecurity mesh — across a number of the service’s satellite systems, ground-based architectures and connecting networks. That includes both legacy and next-generation space systems, as well as commercial assets, Mattson said.
An identity-based cybersecurity approach is fundamental to a zero-trust cybersecurity architecture, which requires that all users and data be continuously authenticated and authorized as they move through a network in order to protect critical information.
Implementing zero-trust approaches to cybersecurity is a goal for the entire Department of Defense, which is aiming to achieve a target level of zero trust by 2027.
Mattson noted that much of cybersecurity today is focused on detecting hackers or unauthorized software like malware when they are already in a network. Xage and others who use identity-based approaches are instead worried about protecting the network, he said.
“We have this identity-first approach where we make sure if you are touching anything, we know who you are — and we know who you are really well,” he explained. “We make sure you’re a privileged user, we verify your level of privilege, we strictly control what you can do and monitor what you can do right now.”
Xage’s platform also constantly scans data moving through the space domain to check for intrusive software like malware, while also making sure the data is not being tampered with while in transit, Mattson added.
To do this, the company will deploy its Xage nodes to create a software-based distributed cybersecurity mesh, which essentially creates a virtual overlay on top of a group of assets.
That overlay is what determines who does and does not have access to a particular system, controls how each asset interacts with the other and serves as an authentication checkpoint for everything moving in and out of it, Mattson explained.
“You can deploy as many of them as you want or as few, down to a certain minimum size. And then you can decide how many of them need to agree to provide a certain number to provide preventative credentials and access,” he said. “So you can scale way up, and then you can modulate how resilient it will be with nodes failing.”
Mattson emphasized that the Xage Fabric is extremely resilient, which is crucial to defending against the unique cybersecurity threats of the space domain. In the event that one or more of Space Force’s assets are not available — whether by atmospheric or adversary interference — the platform is programmed in a way so that remaining systems can stay connected and function properly, he explained.
“Even under normal conditions, communications can be interrupted or can be too slow,” Mattson said. “But then, under conflict conditions — it can be really dangerous.”
