Agenda

Where Space Cybersecurity Gets Real

CyberSat turns 9 this year, and the program we’ve built might be the most technical and relevant one yet. We’ve introduced two new tracks – Business, Policy, Partnerships (BPP) and Technology, Threats, Solutions (TTS) – alongside agency keynotes, deep-dive sessions on satellite and ground system security, and CISO-level threat intel you can actually use.

Monday, November 17

7:30 am - 5:30 pm
8:30 am - 9:00 am
Room: Grand Ballroom A-D
As the DOD's Chief Information Officer, Ms. Arrington oversees the defense enterprise's most critical IT and space-based systems. In this keynote, she'll bring a senior-level perspective on the intersection of cybersecurity, satellite communications, and national defense priorities, offering insight into the technologies, threats, and decisions shaping our most mission-critical systems.
Katie Arrington
Performing the Duties of Chief Information Officer (CIO)
U.S. Department of War
9:15 am - 9:45 am
Room: Regency Ballroom
Many space systems lack on-board threat detection capabilities, which are essential prerequisites for cyber resilience. This session outlines efforts by the DHS Science & Technology Directorate (S&T) to lower these implementation barriers through the development of prioritized threat indicators for the SPARTA framework, reference implementations of on-board detectors, and concepts for how these fit into a broader space cybersecurity ecosystem.
Ernest Wong
Technical Lead, PNT & Space Systems
Department of Homeland Security (DHS) Science and Technology Directorate (S&T)
9:15 am - 9:45 am
Room: Grand Ballroom A-D
Dianne Poster
Senior Advisor
NOAA Office of Space Commerce
10:00 am - 10:25 am
Room: Regency Ballroom
Modernizing legacy software is costly and often leaves behind common vulnerabilities. The TRACTOR program aims to change that by translating C into safe, idiomatic Rust at scale. This session provides an overview of TRACTOR's approach, its goals for improving code safety and structure, and its progress to date. Learn how this work could impact cybersecurity for space, defense, and infrastructure systems still dependent on legacy software.
Dan Wallach
Program Manager
DARPA Information Innovation Office
10:00 am - 10:50 am
Room: Grand Ballroom A-D
The U.S. is ramping up its space ambitions by investing heavily in next-gen capabilities to secure strategic dominance. At the center is the Golden Dome project, which is reshaping the national space posture and accelerating defense innovation. However, in a contested domain, ambition isn't enough. This session explores how rising cyber threats, shifting alliances, and intensifying competition with China are reshaping U.S. space strategy. We'll examine the implications for private-sector partnerships, defense supply chains, and the broader industrial base under the new administration - inside a rapidly evolving space race.
Moderator
Valerie Cofield
(retired) Chief Strategy Officer
U.S. Cybersecurity and Infrastructure Security Agency (CISA)
Sarah Mineiro
Founder and CEO
Tanagra Enterprises
Sean Papso
Executive Vice President
Invictus Consulting
Victoria Samson
Chief Director, Space Security and Stability
Secure World Foundation
Lauryn Williams
Deputy Director
Center for Strategic and International Studies
10:25 am - 10:50 am
Room: Regency Ballroom
The focus of the presentation will be to describe a research project involving installing a software version of SNC's Binary Armor cybersecurity solution onto an on-orbit technology demonstration satellite platform. The purpose of this research was to determine methodologies for installing cybersecurity functionality onto already-extant satellites. The presentation will describe the decision-making process as to the implemented solution along with challenges encountered when trying to install software on a satellite already in orbit such as hardware and software resource limitations and working within the constraints of integrating remotely into a system that cannot be drastically modified to allow for new software or functionality. Next, the methodology and results of the demonstration will be described, such as what data was able to be observed by the cybersecurity solution and what insights were able to be derived. Finally, the presentation will talk about the next steps of this research effort and offer recommendations for technical and methods-based approaches for implementing cybersecurity on satellites, both those that are already on-orbit and those that are in the process of being designed and built with cybersecurity as part of the core functionality.
Kyle Shepard
Chief Engineer
SNC
10:50 am - 11:30 am
Room: Grand Ballroom Foyer
Sponsored by:
11:30 am - 12:20 pm
Room: Grand Ballroom A-D
Artificial intelligence is accelerating both sides of the cyber arms race. For adversaries, AI enables faster reconnaissance, adaptive attack patterns, and precision targeting of space-based infrastructure. For defenders, it offers real-time anomaly detection, automated response, and predictive threat modeling. This session examines how AI is transforming the tactics, timing, and scale of space-related cyber conflict - and what's at stake if defense doesn't keep pace.
Moderator
Dr. Lisa Costa
CEO and co-Founder
Allegheny Group
John Trionfo
President, Defense Solutions
Antaris Space
11:30 am - 11:55 am
Room: Regency Ballroom
Perimeter-based security is no longer sufficient for protecting modern space systems. This session explores how Zero Trust (ZT) principles such as least privilege, continuous access validation, and data-centric protection can be tailored to space environments that include distinct ground, space, link, launch, and user segments. With intermittent connectivity, legacy platforms, and mission-critical constraints, applying ZT without modification risks system fragility or operational failure. Drawing from NIST, CISA, and DOD frameworks, this talk outlines a segment-aware approach and presents draft guidance to help mission designers and cybersecurity planners adopt Zero Trust in ways that enhance resilience without compromising performance.
Marcus Wallum
Operations Data Systems Manager
European Space Agency (ESA)
11:55 am - 12:20 pm
Room: Regency Ballroom
This session is closed to press. Capt. David Vermillion presents findings from a Space Force-led effort to predict anomalies in spacecraft thrusters using an ensemble machine learning approach. The session walks through the satellite bus components involved, the data engineering and modeling techniques applied, and recommendations based on project outcomes. This is a real-world case study in applying machine learning to improve reliability and anticipate faults in operational space systems.
Capt. David Vermillion
Commercial Consolidated Satellite Systems Expert Deputy Division Chief
U.S. Space Force
12:20 pm - 1:30 pm
Room: Grand Ballroom A-D
1:00 pm - 1:30 pm
Room: Grand Ballroom A-D
Seth Whitworth
Acting Associate Deputy Chief of Space Operations, Cyber and Data (SF/S6)
U.S. Space Force
1:30 pm - 2:00 pm
Room: Grand Ballroom Foyer
2:00 pm - 2:30 pm
Room: Regency Ballroom
Recent executive orders have directed (EO 14144) and sustained (EO 14306) that space national security systems (NSS) need to strengthen cybersecurity measures to keep pace with emerging threats. The executive orders directed the Committee on National Security Systems (CNSS) to update policy for necessary space system cybersecurity measures. This talk will provide an overview of the policy and instruction updates that will drive fundamental new capability implementation across space NSS. Come learn about the new cybersecurity capability needs across the space enterprise.
Paul de Naray
Principal Engineer
The Aerospace Corporation
2:00 pm - 5:00 pm
Room: Lake Anne

In collaboration with Final Frontier Security & SIXGEN


Space is limited to 50 participants. Registration required.


Who wants to hack and break some satellites? This workshop will involve hands-on labs introducing participants to ground station and flight software as well as covering system functionality, vulnerability and exploitation. Workshop lectures will cover the complexities of space systems and their operations, as well as the impacts to malicious and defensive cyber activity within such architectures.

2:45 pm - 3:10 pm
Room: Grand Ballroom A-D
Cyber attacks on the satellite ground segment are both real and more common than one might expect. As more ground stations are pressed into extended service lives, the industry has created a target-rich environment. This session explores threats and techniques being leveraged against satellite systems, best practices to ensure that systems remain well protected, and long term viewpoints to help ensure that the industry, academia, and government work together effectively.
Daniel Gizinski
President, Satellite & Space Communications Segment
Comtech
2:45 pm - 3:10 pm
Room: Regency Ballroom
The increasing reliance on satellite technology for critical infrastructure makes their cybersecurity paramount. This presentation focuses on incident response and attack path management for satellite systems and Software Defined Radios (SDRs), to mitigate and contain breaches from malicious threat actors, and provides strategies to harden systems while drawing on the expertise of experienced cybersecurity professionals. We will delve into real-world examples of cyberattacks on space systems, and discuss how incident response teams can effectively mitigate and contain breaches. This session will focus on the unique vulnerabilities of SDRs and ground stations, emphasizing the importance of attack path management to identify and close potential entry points for malicious threat actors. This presentation will provide actionable strategies for system hardening, zero trust models, supply chain security, and incident response planning, drawing on the expertise of experienced cybersecurity professionals and connecting these strategies to similarities in terrestrial cybersecurity.
Cristiana Brafman Kittner
Senior Manager
Proofpoint
3:10 pm - 3:35 pm
Room: Regency Ballroom
Trusted computing principles are foundational to modern cybersecurity, but their application in satellite systems remains limited. This session explores how standards like the Trust Platform Module (TPM) and CyRes from the Trusted Computing Group can help secure satellite systems throughout their lifecycle. Using examples from other industries and recent high-profile IT failures, like the CrowdStrike incident that disrupted critical services worldwide, the presentation highlights the role of hardware roots-of-trust in building secure software platforms and communication pathways for space-based infrastructure.
Thorsten Stremlau
Systems Principal Architect, CISSP
NVIDIA & TCG
3:10 pm - 3:35 pm
Room: Grand Ballroom A-D
Suzanne Lightman
Senior Information Security Advisor
National Institute of Standards and Technology
3:35 pm - 4:00 pm
Room: Grand Ballroom Foyer
4:00 pm - 4:45 pm
Room: Grand Ballroom A-D
Operators are increasingly facing direct and destructive cyber campaigns. What kinds of attacks are being launched? What vulnerabilities are being exploited? This panel gathers space companies to share the incidents they've encountered, how they responded, and what lessons others need to know now. From command intrusion to signal disruption, the space sector is a live-fire zone. This provides a rare look at what's actually happening and how the threat environment is escalating rapidly.
Moderator
Norm Laudermilch
Chief Information Security Officer
Maxar
Brandon Bailey
Principal Engineer, Cybersecurity and Advanced Platforms Subdivision
The Aerospace Corporation
Scott McCormick
Chief Security Officer
Planet
4:18 pm - 4:25 pm
Room: Regency Ballroom
Encrypted traffic traveling SATCOM links keeps data safe; however, that same encryption provides the perfect means for bad actors to hide in plain sight. Spoofing attacks such as the one that occurred before the Russian invasion of Ukraine, where Russian hackers exploited a poorly configured VPN to gain access to a KA-SAT network and disrupted service, are challenging to identify when the SATCOM network traffic is encrypted. In this discussion, we'll be able to walk you through an example of a spoofing attack in which the attacker hides in encrypted DHCP traffic and how we use ExtraHop to provide visibility and alert to the attack. We will also cover the different approaches for decrypting encrypted traffic and how we parse SATCOM network packets at scale to extract necessary information from the packet for machine learning algorithms to identify a spoofing attack. We will demonstrate these concepts using ExtraHop Reveal X on a PCAP replay. The target audience would be the Incident Responders and security detection engineers in the SOC tasked with ensuring SATCOM network availability and security. ExtraHop specializes in SatCom Intrustion Detection (or network detection and response (NDR)). Plainly put, ExtraHop provides a Defensive Cyber, Network Optimization, and Strategic spectrum use toolset.
Rob Mathieson
Sales Engineering Director
ExtraHop Networks Inc
5:00 pm - 5:30 pm
Room: Grand Ballroom A-D
Johnathon Martin
Deputy Director (Acting), Office of the Chief Architect
National Reconnaissance Office (NRO)

Tuesday, November 18

8:00 am - 3:00 pm
8:30 am - 9:00 am
Room: Grand Ballroom A-D
As CISO for the Department of the Air Force, James "Aaron" Bishop plays a central role in shaping cybersecurity strategy across the Air Force and Space Force. With decades of experience spanning government, industry, and national security, Bishop brings a mission-first perspective to some of the most urgent cyber and defense challenges. In this keynote, he'll share senior insights on securing critical systems and navigating the evolving threat landscape across air, space, and cyber domains.
James "Aaron" Bishop
Chief Information Security Officer (CISO)
Department of the Air Force (DAF)
9:15 am - 10:45 am
Room: Lake Anne

In collaboration with SIXGEN & Aerospace Village


Space is limited to 50 participants. Registration required. 


Join us for a collaborative choose-your-own-cybersecurity adventure in outer space. We will explore the full spectrum of cybersecurity decision making within the context of a realistic space system, its mission, and its threats. To SEIM, or not to SEIM on orbit? Should you bother threat hunting where no LAN has gone before? Patch the bird? Accept the risk? Pay the space pirate’s ransom?

9:15 am - 9:45 am
Room: Regency Ballroom
As the demand for low-latency, high-volume processing grows, On-Orbit Data Centers (ODCs) offer a path to real-time analytics, fused intelligence, and edge autonomy. This session explores how ODCs support evolving mission needs while introducing new cybersecurity risks, from expanded attack surfaces to challenges in securing autonomous operations. Learn how operators are addressing these risks, and why on-orbit compute is central to the future of resilient and scalable space infrastructure.
Lori Gordon
Systems Director
The Aerospace Corporation
9:15 am - 9:45 am
Room: Grand Ballroom A-D
When we suspect the compromise of a computer or simply want to repurpose it, we wipe the machine back to bare metal, re-install an Operating System, and then install the applications. Spacecraft have flight computers, so how do we do this safely with a satellite on orbit? Quick answer: we haven't until now. Using data and experiences from on-going flight tests on the CAPSTONE spacecraft (owned by Advanced Space) at the Moon, I'll talk about NASA's SW-Defined Satellite experimentation and how we took an existing commercial spacecraft, and repurposed it to test out a variety of new concepts and applications from a distance of about 400,000 kilometers.
Theresa Beech
Principal Investigator, CAPSTONE Experimentation
NASA Goddard Space Flight Center
10:00 am - 10:50 am
Room: Grand Ballroom A-D
Winning space contracts today requires more than technical capability. It demands a strong compliance posture. From CMMC 2.0 and IA-PRE to tightening European regulations, space companies must navigate a complex and evolving landscape to work with defense and government customers. This session breaks down what's required, where most companies fall short, and why compliance is now a critical part of space security. With government and defense customers tightening requirements, compliance isn't paperwork - it's a security posture.
Moderator
Dr. Gregory Falco
Asst. Professor
Cornell University
Felipe Fernandez
Chief Technology Officer
Fortinet Federal Inc
Johnathon Martin
Deputy Director (Acting), Office of the Chief Architect
National Reconnaissance Office (NRO)
Victor Murray
Assistant Director
Southwest Research Institute
Dan Trujillo
AFRL - Air Force Research Laboratory
10:25 am - 10:50 am
Room: Regency Ballroom
Inter-satellite links (ISLs) are key to unlocking space-to-space operations, but they also introduce complex cybersecurity and orchestration challenges. This session explores how Satlyt is building secure, decentralized edge computing across satellite networks using software-defined architecture, encrypted routing, and AI-driven anomaly detection. Learn from real-world implementation strategies, including delay-tolerant networking and auction-based resource allocation, that enable resilient, scalable, and monetizable in-orbit infrastructure.
Meyonka Gray
VP of Operations
Satlyt
10:50 am - 11:15 am
Room: Grand Ballroom Foyer
11:15 am - 11:40 am
Room: Regency Ballroom
As quantum computing advances, legacy encryption methods are becoming vulnerable. This session introduces practical approaches to deploying quantum-resistant protocols in proliferated satellite architectures. Drawing from commercial pilots and coalition exercises, the speaker will share implementation guidance for secure key exchange, constrained spacecraft integration, and cross-border interoperability. The discussion offers actionable insights for protecting future LEO constellations and sustaining deterrence through cryptographic resilience.
Ross Coffman
President
Forward Edge-AI, Inc.
11:15 am - 12:05 pm
Room: Grand Ballroom A-D
Hybrid constellations represent the future, but they bring layered complexity. As operators transition toward hybrid constellations that encompass LEO, MEO, and GEO, complexity and risk increase. This session examines how multi-orbit architectures impact cybersecurity, from vulnerable cross-link connections to unpredictable mesh behaviors. We'll analyze the trade-offs between LEO-only and blended networks, emphasize where vulnerabilities arise, and investigate how government investment is accelerating the demand for secure, scalable design across orbits.
Moderator
Mark Holmes
Senior Editorial Director
Via Satellite
Andre Adelsbach
VP, Group Information and Cyber Security
SES
Frank Backes
CEO
Capella Space
Caleb Royer
Program Manager, Adaptive Capabilities Office
DARPA
12:05 pm - 1:15 pm
Room: Grand Ballroom A-D
12:45 pm - 1:15 pm
Room: Grand Ballroom A-D
Alexis Bonnell
Head of AI Adoption and Deployment
OpenAI for Government
1:15 pm - 1:45 pm
Room: Grand Ballroom A-D
1:30 pm - 4:30 pm
Room: Lake Anne

Registration required.


A multinational crew is in cislunar space aboard an imperiled spacecraft, and you are part of the ground team responsible for guiding them to safety. Do you have what it takes to bring them home? This experience will challenge your ability to respond to an incident in cislunar space and choose a course of action that safeguards human life. You will be a critical decision maker in a fictional commercial space company that’s faced with an unprecedented problem.

  • Throughout the exercise, participants will grapple with issues of coordination, uncertainty, and fractured trust—requiring innovative thinking and cross-sector collaboration.
  • You’ll have the opportunity to explore emerging mission capabilities, including the use of quantum entangled networking as a secure channel for restoring trust and ensuring mission continuity.
  • Work closely with your teammates, the Space ISAC Watch Center, and a dedicated government cell to chart a path forward and bring the crew home safely.


1:45 pm - 2:35 pm
Room: Grand Ballroom A-D
Direct-to-device (D2D) is reshaping global communications by linking satellites directly to everyday devices, filling in crucial connectivity gaps in the world's hardest-to-reach environments. As adoption accelerates, new challenges emerge as billions of devices connect directly to orbital assets. Understanding the cybersecurity dimensions of D2D is essential to building resilience, strengthening detection, and fostering trust. This session explores how D2D alters the threat model for space networks, real-world risks ranging from device-level vulnerabilities to large-scale exploitation, and the strategies being deployed across the ecosystem to safeguard users while enabling this transformative capability.
Moderator
Jacob Hafey
Policy Manager
Access Partnership
1:45 pm - 2:10 pm
Room: Regency Ballroom
Detecting cyber threats before they reach software is key to protecting space systems. This session focuses on Radio Frequency Signal Anomaly Detection (RFAD) as a method for early warning. Using case studies and competition results from MIT's Anomaly Detection Challenge, we'll examine how RFAD algorithms operate under tight SWaP constraints and what industries like GNSS and IoT can teach us. Learn best practices for integrating RFAD into space architecture as a first layer of defense.
Zanir Habib
CEO & Founder
Ferociter
2:10 pm - 2:35 pm
Room: Regency Ballroom
This session introduces a three-tier model for space collective defense, developed through engagements with Space-ISAC and US Space Forces Space (S4S). Topics include structuring Primary Intelligence Requirements, applying open-source detection engineering with roota.io, and instrumenting telemetry to map exposure. The approach connects intelligence priorities with practical implementation, offering a coordinated strategy for defending converged space platforms. Recommended for incident responders and cybersecurity teams seeking to operationalize collaborative defense.
William Ferguson
Researcher and Content Creator
ethicallyHackingspace (eHs)
2:45 pm - 3:15 pm
Room: Grand Ballroom A-D
We wrap with a final keynote that looks ahead--highlighting the critical decisions and innovations shaping the next phase of cybersecurity and space resilience.

Wednesday, November 19

7:30 am - 8:30 am
10:00 am - 10:30 am
Classified Program
10:30 am - 11:00 am
Classified Program
Dan Trujillo
AFRL - Air Force Research Laboratory
11:00 am - 12:00 pm
Classified Program
Peter Kaloroumakis
Applied Ontologist & MITRE D3FEND Lead
The MITRE Corporation
Carl Rodio
Chief Engineer, Defensive Space Cyber Operations
The MITRE Corporation
12:00 pm - 1:00 pm
Classified Program
2:00 pm - 2:30 pm
Classified Program
Karan Singh
Advanced Systems and Technology Directorate and a Cyber Security SME
National Reconnaissance Office (NRO)
2:30 pm - 3:00 pm
Classified Program
Dr. Tewauna Raymundo
Chief, Cyber Security Branch, Information Technology Security Officer (ITSO)
NOAA Satellite and Information Service (NESDIS)
3:00 pm - 3:30 pm
Classified Program
3:30 pm - 4:00 pm
Classified Program
4:00 pm - 4:45 pm
Classified Program
Phil Mar
Chief Technology Officer, Global Space Networks
Viasat
4:45 pm - 6:15 pm
Classified Program

Thursday, November 20

7:30 am - 8:30 am
Classified Program
8:30 am - 9:00 am
Classified Program
Mauri Hampton
National Reconnaissance Office (NRO)
9:00 am - 9:30 am
Classified Program
Brandon Bailey
Principal Engineer, Cybersecurity and Advanced Platforms Subdivision
The Aerospace Corporation
9:30 am - 10:00 am
Classified Program
Dan Austin
Space Staff SETA
Sigmatech
Marouane Balmakhtar
Lt Col, Dr.
HQ, Space Force, Division Chief Cyber Operations
10:00 am - 10:30 am
Classified Program
10:30 am - 11:30 am
Classified Program
Moderator
Mark Peller
Senior Vice President, Vulcan Development and Advanced Programs
United Launch Alliance
Eli Bass
L3Harris Technologies
Erin Miller
Executive Director
Space ISAC
11:30 am - 12:00 pm
Classified Program
BG Terri Borras
Assistant Deputy Chief of Staff, G-2
United States Army