The North Atlantic Treaty Organizations (NATO) public-private Space Asset
Supply Chain (SASC) currently exhibits significant cybersecurity gaps. It is
well-established that data obtained from space assets is fundamental to NATO,
as they allow for the facilitation of its missions, self-defence and effective
deterrence of its adversaries. Any hostile cyber operation, suspending control
over a space asset, severely impacts both NATO missions and allied Member
States national security. This threat is exacerbated by NATOs mostly
unregulated cyber SASC. Hence, this thesis answers a twofold research question:
a) What are current cybersecurity gaps along NATOs global SASC; and b) How can
NATO and its allied Member States gain greater control over such gaps to
safeguard the supply of NATO mission-critical information? An ontological field
study is carried out by conducting nineteen semi-structured interviews with
high-level representatives from relevant public, private and academic
organizations. This research was undertaken in collaboration with the NATO
Cooperative Cyber Defence Centre of Excellence (CCDCOE) in Tallinn, Estonia.
This thesis concludes that current cybersecurity gaps along NATOs SASC are
caused by cyber vulnerabilities such as legacy systems or the use of
Commercial-Off-the-Shelf (COTS) technology. Inadequate cyber SASC management is
caused by hindrances such as misaligned classification levels and significant
understaffing. On this basis, NATO should consider two major collaboration
initiatives: a) Raising Awareness throughout the whole of the NATO system, and
b) Pushing forward the creation of regulation through a standardized security
framework on SASC cybersecurity. Doing so would enable NATO and its Member
States to recognise cyberthreats to mission-critical data early on along its
cyber SASC, and thus increase transparency, responsibility, and liability.

By admin