NCC Group and the University of Surrey have set up a "Space Cyber Security Research Partnership"
NCC Group and the University of Surrey have set up a "Space Cyber Security Research Partnership" to investigate the security issues faced by satellites.
A breathless statement from the British university and infosec firm informs us all that they "will utilise the University's world-leading expertise in technological innovation and focus on high-impact research to improve the understanding of current and future security challenges facing the industry".
On top of this they will also be sponsoring a PhD student to look closely at the security implications of using commercial off-the-shelf (COTS) components in satellites.
The organisations added: "Traditionally the satellite industry has, to some extent, relied upon 'security through obscurity'. However, this is no longer the case, as well-known operating systems are being deployed that could potentially be vulnerable to common security issues."
A handful of conferences in Britain's defence and security communities have touched on the largely unexplored area of satellites and infosec, but this partnership marks a step forward for the field. Surrey University's brightest brains spawned Surrey Satellite Technology Ltd (SSTL), now owned by the defence arm of Airbus and supplying services to the Ministry of Defence, while NCC is well known in the UK infosec industry.
Andy Davis, NCC Group's transport assurance practice director, said in a canned quote: "Cyber security research in this field is urgently required and establishing this centre of excellence will help further increase knowledge about the potential threats facing emerging space assets. With the University of Surrey's track record of bringing together business and academia, I've no doubt this partnership will be a huge success."
Intriguingly, SSTL built some of the navigational payloads on the EU's Galileo satellite, a programme that has caused much wailing and gnashing of teeth in the UK following the nation's vote to leave the political bloc in 2016. Predictably, the EU shut the UK out, which put a rather large dent in the British government's ambition of securing 10 per cent of the global space market.
Dr Chris Bridges, senior lecturer at Surrey Space Centre, chipped in: "With smallsats and nanosatellites becoming commonplace and the typical launch and regulatory barriers shifting, more commercial missions are being launched in Low Earth Orbit (LEO). Understanding the risks to these important assets and how they are managed is critical for ensuring the security of future infrastructure."
El Reg imagines that the EU will be particularly interested in the partnership's output, given that the COTS navigational hardware for its flagship GPS replacement system was bolted to its birds by what it now insists on calling a "third country".
Latest Jobs
-
- ForgeRock Consultant
- Spain
- Upto €85000 plus benefits
-
ForgeRock deployment consultant is needed for this expanding IT Services business within Spain, to act as their ForgeRock technical lead, Responsibilities include: High level and low level design, Scoping the techical needs of the project design, configure, develop and test the forgeRock deployment. We are looking for a strong IAM consultant ideally with ForgeRock experience, Must have strong Oauth 2.0, SAML and API experience
-
- IAM Consultant
- France
- Upto €85000 plus benefits
-
An Identity & Access Management Consultant is needed for an expanding IT Security consultancy, based in France. (Remote role with monthly office meet-ups) The Identity & Access Management Consultant will be responsible for the technical design and implementation of Identity & Access Management/IAM products for a wide variety of clients. Deliver bespoke end-to-end consultancy service to our clients, from gathering requirements through to implementation. Work in a close team designing, developing, and implementing first-class IAM solutions. Manage client relationships, working closely with key stakeholders to continually evaluate business requirements and ensure the highest quality solution delivery. If you are interested we are looking for an individual with Previous experience working within the IAM or CIAM field is essential, Strong knowledge with SAML and Oauth and ideally OpenID Previous experience from any of these technologies: One Identity, SailPoint, Saviynt, Ubisecure, Ping Identity, would be advantageous
-
- Ping Identity Support Consultant- IAM Support
- Madrid
- upto €60,000 plus benefits
-
As the Ping Support specialist, you would be part of a team focused on Single Sign On (SSO) / Federation and Multifactor authentication, protecting our clients from unauthorized access and cyberattacks. The position is to provide 2nd/ 3rd line support, for the following tech. SSO, Federation, Reverse Proxy infrastructure, Apache servers, and its associated components and applications To be responsible for the day to day operational support, performance, tactical lifecycle management, and continuous improvement of the respective IT infrastructure. We are looking for someone with strong SAML and OAuth Knowledge as well as experience supporting the Ping portfolio of solutions Identity, Access, Federate
-
- IAM Architect Ping Identity, Access Federate
- Stuttgart
- Up to €110,000 plus benefits
-
An experienced Ping Identity Architect is needed for this global brand who are looking for someone who wants to join a growing Cyber Security team. We are looking for a senior Architect who can be responsible for the full IAM portfolio, including overseeing all BAU work as well as being responsible for the future strategy and development of the IAM portfolio further development and strategy You will be responsible for ensuring all architectures and best practices within the architecture framework are maintained and developed We are looking for someone with a strong Ping background, in Ping identity, federate, and Access, you will have worked as a senior consultant or architect in previous roles and ideally have some team-leading experience You will have good knowledge of architectural principles and patterns and their implementation into system and software design Experience in handling container technologies, cloud technologies, CI/CD (DevOps) and LDAP