Above the Cloud: Enhancing Cybersecurity in the Aerospace Sector

Florida International University Law Review, 2015, Forthcoming

33 Pages Posted: 23 Oct 2014

See all articles by Scott Shackelford

Scott Shackelford

Indiana University - Kelley School of Business - Department of Business Law; Harvard Kennedy School Belfer Center for Science & International Affairs; Center for Applied Cybersecurity Research; Stanford Center for Internet and Society; Stanford Law School

Scott Russell

Indiana University Bloomington - Center for Applied Cybersecurity Research

Date Written: October 21, 2014

Abstract

NASA’s Jet Propulsion Laboratory was under sustained cyber attacks for years, according to Congressional testimony. Yet this incident was only part of a string of some thirteen successful breaches in 2011 alone, prompting an investigation by the NASA Office of Inspector General, which stated: “We found that computer servers on NASA’s Agency-wide mission network had high-risk vulnerabilities that were exploitable from the Internet.” The report goes on to note, “These deficiencies occurred because NASA had not fully assessed and mitigated risks to its Agency-wide mission network and was slow to assign responsibility for IT security oversight to ensure the network was adequately protected.” Yet NASA is far from the only victim in the air and space sector of cyber attacks. Organizations ranging from defense contractors like Lockheed Martin to SpaceX have been targeted, and sometimes penetrated, resulting in the loss of invaluable trade secrets that impact economic competitiveness and national security alike. This Article argues that a polycentric response is needed to manage the cyber threat to the aerospace sector. As part of this approach, aerospace organizations should utilize the recently released National Institute for Standards and Technology Cybersecurity Framework to better protect their assets by instilling cybersecurity best practices from the bottom up, and engage in more robust information sharing similar to recent efforts in the critical infrastructure and retail sectors.

Keywords: cybersecurity, aerospace, space, aviation, NIST Framework, cyber attack, trade secrets

Suggested Citation

Shackelford, Scott J. and Russell, Scott, Above the Cloud: Enhancing Cybersecurity in the Aerospace Sector (October 21, 2014). Florida International University Law Review, 2015, Forthcoming. Available at SSRN: https://ssrn.com/abstract=2512905

Scott J. Shackelford (Contact Author)

Indiana University - Kelley School of Business - Department of Business Law ( email )

Bloomington, IN 47405
United States

Harvard Kennedy School Belfer Center for Science & International Affairs ( email )

79 JFK Street
Cambridge, MA 02138
United States

Center for Applied Cybersecurity Research ( email )

Wylie Hall 105
100 South Woodlawn
Bloomington, IN 47405
United States

Stanford Center for Internet and Society ( email )

Palo Alto, CA
United States

Stanford Law School ( email )

Stanford, CA 94305
United States

Scott Russell

Indiana University Bloomington - Center for Applied Cybersecurity Research ( email )

Wylie Hall 105
100 South Woodlawn
Bloomington, IN 47405
United States

Register to save articles to
your library

Register

Paper statistics

Downloads
90
Abstract Views
579
rank
280,019
PlumX Metrics