.svg){kind=icon}
Go back
"Satellites are just the tip of the iceberg – real cyber risks in space start on the ground, from day one of design." – says Mathieu Bailly, Vice President of CYSEC, a data security company headquartered in Switzerland & Co-Founder and Director at CYSAT, the first European event entirely dedicated to cybersecurity for the space industry.
In the exclusive interview by THE SIGN, co-founders Tatiana Skydan and Olga Nasibullina explore the evolving world of space cybersecurity.
Mathieu Bailly, Vice President of CYSEC, a data security company headquartered in Switzerland & Co-Founder and Director at CYSAT, the first European event entirely dedicated to cybersecurity for the space industry, shares his expert insights on what it takes to secure satellites and space systems in today’s high-stakes digital landscape – from the hidden threats in ground infrastructure to the growing influence of AI and global defense interests.
My general answer has always been: everything happens on the ground. Satellites are the most visible part of the space industry - everyone thinks about them - but in reality, they are just the tip of the iceberg.
To operate satellites and deliver value to society and businesses, there is an entire ground infrastructure: satellites must be designed, assembled, integrated, tested, and controlled from Earth.
Cyber risks exist from day one - as soon as an engineer begins to design a space system, the potential for sensitive data leaks arises. These threats continue throughout the lifecycle of the satellite, up until and even beyond its deployment in space.
I began working on space cybersecurity in 2018, right at the rise of the New Space movement - characterized by smaller satellites and the commercialization of space. Historically, space was about science and exploration. When I was a kid, I watched NASA or ESA missions sending probes to the edges of the universe. It was all about discovery for the benefit of humanity.
Today, space is also a business. The commercialization of space revolves around the collection and transmission of sensitive data, which inevitably attracts hackers.
We’re now seeing a strong government interest in reclaiming some control over commercial space activities. Ministries of Defense (MODs), Departments of Defense (DODs), and other institutions increasingly pursue dual-use and sovereign missions. This shift is driven by geopolitical concerns and the need for data sovereignty - nations don’t want to rely on foreign actors for critical space-derived information.
This growing defense interest requires private companies to meet strict cybersecurity standards. Complying with these regulations means companies must hire security officers, build cybersecurity capabilities internally, and adapt their processes. In this way, government contracts are helping to mature the space industry’s cybersecurity posture.
In the U.S., this public-private collaboration has been well established for years, with DOD budgets flowing into commercial space. Europe, by contrast, has been slower to adapt. The boundary between institutional and private sectors has historically been clearer, with space activities largely focused on open science and optical instrument development. But now, as Europe shifts toward defense-related missions, the entire ecosystem is evolving.
The answer is always: both.
AI is a tool—available to both defenders and attackers. It’s already being used by space companies to protect themselves, and by hackers to carry out sophisticated attacks.
While space is perceived as high-tech, the truth is that many space engineers are cautious about adopting new technologies. Because space is such a harsh and unforgiving environment, engineers traditionally prefer tried-and-true solutions. This conservatism is slowly changing, especially with the rise of small satellites and shorter mission durations that allow for faster tech adoption.
At CYSEC, for example, we’ve worked on using AI to detect anomalies in satellite communications—both uplink and downlink. AI can play a significant role in detecting, responding to, and preventing cyberattacks. But on the flip side, AI is equally accessible to adversaries. A hacker could use tools like ChatGPT to reverse-engineer a proprietary protocol or automate intrusion attempts.
The old philosophy of "security by obscurity" - making systems secret and complex in hopes no one will crack them—no longer works in the age of AI. Obscurity is no defense when powerful reverse-engineering tools are at everyone’s fingertips.
It’s been an incredible journey. We started in 2020 with the idea of organizing a space cybersecurity event in Europe. At the time, events like this existed in the U.S., but not in Europe. The community was small, but very enthusiastic.
The first edition took place online during the COVID-19 pandemic and attracted about 150–200 participants. Many realized that cybersecurity in space was a growing concern. Companies were getting attacked—and it was only a matter of time before space companies became targets too.
In fact, when we first talked to satellite operators in 2018, some admitted there was “no security at all.” The risk simply wasn’t on their radar. Today, things are different. Whether a company works directly with defense or simply supports a client who does, they may become an indirect target.
Since our first in-person CYSAT event in Paris in 2021, attendance has doubled each year. Now, there’s growing global interest - from North America to Asia to Australia. What sets CYSAT apart is our philosophy of security through transparency. We believe in open dialogue, knowledge-sharing, and community collaboration - just as the open-source community has done so successfully with projects like Linux.
The early days were the toughest. When we first introduced the idea of satellite cybersecurity, most people didn’t see the need. The majority were skeptical, uninterested, or outright dismissive.
Convincing the industry that space systems could be valuable targets - and that these risks were real - required significant effort. We were almost evangelizing. The challenge was especially clear when considering how advanced satellite imaging and sensing capabilities had become - able to track people, cars, even activities in real-time with remarkable precision.
The mismatch between the technical capability of satellites and the industry’s cybersecurity maturity was stark. Today, this gap is closing, and we’re seeing encouraging signs - like the Director General of ESA attending this year’s CYSAT.
Cybersecurity exists because of conflict. In an ideal world, it wouldn’t be necessary. But in today’s reality, it is vital.
While it’s unfortunate that global tensions drive the need for security, I’m optimistic about how the space cybersecurity community is evolving. The fact that we now have hundreds of people coming together at CYSAT- people I’ve never met before—is a clear sign that the movement is real and growing.
We’re building a global community with the shared goal of securing the final frontier.
Join the World's biggest space cybersecurity community: www.cysat.eu
You can support TheSIGN by becoming our SATELLITE. Click to learn more about sponsorship.