Cyber security adoption is vital to Scotland’s space race

It has been described in various evocative ways across popular culture, reflecting its vastness and potential for discovery. But, as the industrialisation of space starts to become a reality, Scotland finds itself at the vanguard of a flourishing sector.

As a global leader in the manufacture of CubeSats (a class of small satellite), backed by a rich history of technology development in the sector, Scotland is already leading the way in the production of space hardware and applications.

The nation’s unique combination of innovation, ambition and the right geography means it’s well placed to take advantage of the sector’s commercial opportunities. From design, logistics and manufacturing to launch, monitoring and data analysis, Scotland is currently the only country in Europe with the ability to provide an end-to-end space service. And with the development of launch capabilities, it’s well on its way to being considered a key player.

As the nation climbs higher on the global space ladder, it’s primed to catch the eye of investors, indeed it’s already doing so. But in this critical industry, where the cyber risk is high, investors are increasingly looking at levels of cyber security and resilience as a key factor in their decision-making process.

So, in the race to be number one, it’s vital we can create a secure and robust environment that’s appealing to overseas investors and will help drive the development of the sector.

For organisations involved in any aspect of the flight and asset management process, cyber is a clearly defined risk and regulatory controls are a significant area of focus. But moving further along the supply chain into smaller, less mature organisations, regulatory controls can be undefined and the focus on cyber security unstructured.

Inconsistent cyber protocols across the sector can create weak links in the supply chain. And, as we know, the impact of a cyber incident anywhere in the production line could have a potentially huge knock-on effect to the operation and reputation of the entire sector.

With Glasgow and Edinburgh quickly becoming known as leaders in small satellite manufacturing and space data, there’s little debate that the nation is already punching above its weight. In fact, the recent funding awarded to Glasgow University to make the moon habitable is another significant indicator of the sector’s ambition. Without a secure and resilient supply chain though, Scotland’s space sector can only get so far.

It’s a vicious circle. The faster the sector develops and the more disruptive technologies and valuable IP that is created, the higher the risk of technology theft. And, the bottom line is, money will go where there is growth – but only if it feels safe.

In such a highly competitive, data-driven industry, reliability and functionality are key. We can’t afford launch failures, equipment malfunctions, cyber breaches or any other events that would deny service. Just one such event could quickly put new investors off.

To maximise the opportunity that stands before us, we need to ensure our potential exceeds that of our competitors. And while there’s no silver bullet solution, there are some measures businesses can take to make Scotland a secure and resilient space hub.

Firstly, there must be a consistent level of regulatory control implemented across the industry. By introducing a ‘sector best practice’ standard, we can ensure minimum levels of cyber security are adopted in the primary and secondary sectors of space. Ultimately, this will allow the industry to reduce the inconsistency of cyber resilience and address any weak links in the supply chain that may be attractive to hackers. Demonstrating sector-wide best practice will help Scotland enhance its reputation as a robust and safe location for space businesses.

Additionally, while the importance of cyber resilience is widely understood and Scotland has a successful track record for protecting its sectors against cyber attacks, it can still be cost and resource intensive. In smaller space organisations with a highly skilled workforce, the operational cost can be high when resource must be allocated to implementing cyber security activities.

Using specific in-house expertise can save the cost of outsourcing. With a major skills shortage affecting the whole tech sector, it’s important that industry and academia work together to ensure core cyber skills are being taught from school age. Developing increased technology skills and a strong basic understanding of cyber across the workforce can ensure Scotland is robust and agile for generations to come.

At the end of the day, the global space sector will continue to advance rapidly regardless of whether the Scottish sector is able to deal with these barriers effectively. If the nation can’t address these challenges head on, then we shouldn’t be surprised if we’re left behind, and what a missed opportunity that would be.

David Ferguson is head of data and cyber development lead at ScotlandIS, a membership organisation advocating for and promoting Scotland's digital technology ecosystem.