Public-Private Defence for Satellite Cybersecurity: Addressing Challenges Through Collaboration

Abstract

Commercial satellites play a pivotal role in maintaining civil communications and military operations. However, these privately operated space systems remain vulnerable, particularly when deployed in high-stakes public emergency scenarios where secure and continuous communication is critical. This paper examines the cyber risks associated with commercial satellite communication (SATCOM) networks, such as those operated by SpaceX and Amazon, when deployed during civil conflicts and national emergencies. We argue that the convergence of military reliance, profit-driven motives, and emerging AI-enabled cyber threats has created a critical need for a public–private cybersecurity paradigm. We analyse three core challenges: misaligned stakeholder interests, the rise of generative AI-enabled attacks, and transparency gaps in satellite protocol governance. Building on the National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF) and the 2024 NIST AI Risk Management Framework (AI RMF), we propose an integrated approach for securing commercial SATCOMs. Our framework adapts NIST core functions to satellite systems and aligns sector-specific guidance from NIST Internal Reports (IR)s to facilitate coordination among government, military, and commercial actors. We further evaluate existing U.S. practices, including the Cybersecurity and Infrastructure Security Agency’s Space System Working Group and the Space Force’s Infrastructure Asset Pre-Assessment Program, to assess how cross-sectoral collaboration can be standardized and institutionalized. We argue for pre-emptive regulation on AI model deployment, cryptographic protocol disclosure, and open standards for hybrid satellite networks. By synthesizing technical frameworks with policy case studies, this study makes three contributions: first, it articulates a novel application of the NIST CSF to commercial satellite cybersecurity; second, it provides a conceptual bridge between AI risk management and satellite network governance; third, it offers practical strategies for harmonizing public benefit with private infrastructure in space-based communication. This research supports the development of a resilient satellite cybersecurity ecosystem that safeguards public trust and international stability.