T-Minus Space Daily – “Houston, we have a protocol.” (April 5, 2026)

Overview

This episode of T-Minus Space Daily dives into the collaborative frontier of space cybersecurity amid the historic Artemis II mission launch. After recapping groundbreaking news—both lunar and commercial—the show hands off to a panel featuring Parker Wyschek (Aerospace Corporation), Brandon Bailey (Aerospace Corporation), and Kaz Vogel (Blue Origin’s Director of Cybersecurity, Governance, Risk, and Compliance). Their rich, candid conversation covers sector-wide cybersecurity practices, industry frameworks and tools like Sparta, evolving threat landscapes, and big-picture innovations and gaps for the future of space systems security.

Highlights and Key Discussion Points

1. The Artemis II Launch and International Collaboration

Host Maria Varmazes opens with reflections on Artemis II, marking its historic, flawless April 1 launch:

• Personal and collective excitement: “A childhood dream come true for me to see that launch and hear those words.” [00:57]
• International effort: Astronaut Jeremy Hansen (Canada), Orion module built by Airbus for ESA, cubesats from Argentina, Germany, Saudi Arabia, and South Korea, plus new U.S.-Italy moon base partnership
• Quote: “Incredible feats like this are a massive team effort and international collaboration. ... If you want to go far, you go together. I’d say the moon qualifies as far.” — Maria Varmazes [02:15-03:21]

SpaceX News:

• IPO filing potentially valuing the company between $1.75 and $2 trillion

2. The Evolving Challenge of Space Cybersecurity

Introducing the Panel

Parker Wyschek interviews Brandon Bailey and Kaz Vogel, focusing on the state and future of cybersecurity in space operations.
[05:09-05:48]

Kaz Vogel’s Role and Philosophy (Blue Origin)

• Scope: Leader for enterprise information security and privacy at Blue Origin; focuses deeply on “R” for Risk in “Governance, Risk & Compliance.”
• Industry variation: Companies are at different stages of cyber readiness.
• Quote: “In my role, I get to do a lot of really interesting things across a really wide and vast and varied ecosystem.” — Kaz Vogel [05:48]

Principles for Aerospace Cybersecurity

[07:08-10:00]

• Cyber for space is about more than confidentiality (the usual “triad” of confidentiality, integrity, availability).
• Vogel’s advocacy: Add “safety” as a fourth pillar for space systems—especially launch vehicles, satellites, and lunar rovers.
• Distinct challenge: The further from Earth, the harder to retrofit or update hardware, unlike ground systems.
• Quote: “Our community really focuses on confidentiality... But in space systems, we have things that are critical because of safety reasons. ... I like to think of having... a quad. Let’s add safety.” — Kaz Vogel [08:04]

3. The Sparta Tool & Community Collaboration

Origins and Function of Sparta

[10:33-14:08]

• Sparked by White House policy and evolving threats, Sparta was developed to aggregate cybersecurity tactics and knowledge for space.
• Adopted by Space ISAC and widely in the industry.
• Quote: “They need a data repository and knowledge base they can just go to. ... So that’s why we built [Sparta].” — Brandon Bailey [10:33]
• International adaptability: Sparta maps to NIST, ISO, German BSI, MITRE, and functions as “the Rosetta Stone of space cybersecurity.” [14:08]
• Community-driven evolution: Feature and standard requests come from academia, industry, and government.

Practical Application at Blue Origin

[15:32-19:38]

• Vogel values Sparta for bridging engineering and cyber teams via spacecraft functional decomposition.
• Frameworks (NIST, ISO) aren’t always intuitive for spacecraft engineers—Sparta contextualizes controls for subsystems (e.g., sun sensors, avionics).
• “You unleash all this creative energy that results in a more secure capability.” — Kaz Vogel [18:15]
• Sparta is considered open source and authoritative—streamlining conversations with customers and assessors.

4. Features and Innovations in Sparta

[21:20-24:43]

• Inspired by the MITRE ATT&CK framework: Provides a “matrix” of attack chains and associated countermeasures.
• Unlike other frameworks, Sparta is strongly countermeasure-focused—lowering the “activation energy” for engineers to proactively harden systems.
• “If you do all the hard work once, it’s going to make a lot of the stuff on the back end for the actual implementers to be a lot easier.” — Brandon Bailey [23:57]
• Features like the “spacecraft mapper” link threats, countermeasures, common weaknesses, and secure system engineering principles directly to specific components.

5. Industry-Wide Risk Posture and Change

[24:43-29:13]

• Applying Sparta insights upstream: Proactively integrating cyber countermeasures into system and product design.
• Using ISAC data and Sparta heatmaps to identify/quantify real industry threats, trend risk areas, and highlight technology gaps.
• Mission constraints: The need to precisely prioritize cyber measures due to strict size, weight, and power limitations.
• “Every cycle of compute used for cybersecurity takes away from the core mission set ... The maximum SWaP (size, weight, and power) is for its core mission.” — Kaz Vogel [29:13]

6. What the Space Cybersecurity Sector Needs

[30:18-36:10]

Kaz Vogel’s Top Two:

1. Actionable Cyber Threat Intelligence Heatmap
   • The intelligence community “has all the really great data” but struggles to abstract and share actionable info with industry.
   • “If we could tackle that challenge, I think that would be huge.” [30:42]
2. Ability for In-Flight Updates
   • Most deployed satellites and subsystems cannot be updated or patched after launch.
   • Solution could enable resilience against evolving threats for long-lived space assets.
   • “Most...do not have the ability for in flight updates. That is such a basic capability.” [31:30]
   • Current focus is on encryption and “over-the-air rekeying” but not full subsystem command authentication.

Brandon Bailey adds:

• Higher Technology Readiness Levels for on-board intrusion detection/anomaly detection and cyber defense in swap-constrained environments.
• “The TRL level of some of the cyber technology...needs to advance a bit more because they are swap constrained ... you can’t just throw a new hardware thing up there.” [33:21]
• The sector also needs a cultural shift—encouraging spacecraft engineers to embrace proactive cybersecurity before a “black swan” event forces the issue.

7. ThreatOps, Telemetry, and Next Steps

[36:10-38:02]

• Most space avionics are not built with cyber-relevant telemetry in mind, making it hard to distinguish between environmental upsets and potential attacks.
• Need for anomaly detection: “If you can say, look, here are normal operations, here is off nominal, and here are the things that might be an indicator of compromise, you can really shorten that decision.” — Kaz Vogel [37:28]
• Key wish: Automated, real-time analysis of space system telemetry for cyber indicators—a significant current technology gap.

Notable Quotes & Memorable Moments

• “Godspeed to Reid Wiseman, Victor Glover, Christina Koch, and Jeremy Hansen as they make their way to and around the moon.” — Maria Varmazes [01:12]
• “Incredible feats like this are a massive team effort and international collaboration.” — Maria Varmazes [02:19]
• “In cybersecurity, we talk a lot about our triad...I think our community really focuses on confidentiality...But in space systems, we have things that are critical because of safety reasons.” — Kaz Vogel [08:04]
• “Sparta...functions as a Rosetta Stone of space cybersecurity.” — Brandon Bailey [14:08]
• “If you architect and design for compliance, you will not have a secure nor a resilient capability.” — Kaz Vogel [15:45]
• “You unleash all this creative energy...and it results in a more secure capability.” — Kaz Vogel [18:11]
• “You need to be very, very precise...these vehicles are very swap constrained and we need to make sure that the maximum swap is for its core mission.” — Kaz Vogel [29:13]
• “Most deployed subsystems do not have the ability for in-flight updates. That is such a basic capability.” — Kaz Vogel [31:30]
• “The culture is probably the right word...what tends to change those…is these black swan type events.” — Brandon Bailey [34:30]
• “Avionics assemblies were never built to give us cybersecurity relevant information ... if you don’t have that context, you can’t [do ThreatOps].” — Kaz Vogel [36:19-37:53]

Timestamps for Major Segments

• 00:57 — Artemis II launch recap & international collaboration
• 04:27 — Episode setup and handoff to panel discussion
• 05:09 — Introductions: Parker, Brandon, Kaz
• 05:48 — Kaz Vogel describes her role and Blue Origin’s cyber priorities
• 07:08 — Safety as a core pillar in space system cybersecurity
• 10:33 — Sparta tool: origin, function, and community expansion
• 12:31 — Community input and evolution of the tool
• 15:32 — How Blue Origin leverages Sparta practically
• 21:20 — Sparta’s features, countermeasure focus, and engineering alignment
• 24:43 — Integration of cyber risk upstream in development cycles
• 29:13 — Panel on prioritization under size, weight, and power constraints
• 30:18 — What the industry needs: intelligence sharing and in-flight patching
• 36:19 — Telemetry, ThreatOps, and automating anomaly detection
• 38:02 — Wrap-up and ways to contribute to Sparta

Conclusion

This episode is a must-listen for those interested in how the space sector is tackling the daunting and ever-evolving challenges of cybersecurity. The panel candidly explores not just the technical advances (and barriers) of tools like Sparta, but the cultural, organizational, and collaborative shifts necessary as humanity ventures further from Earth. Actionable threat intelligence, resilient engineering, real-time awareness, and cross-sector openness emerge as critical themes for the next chapter of the space domain.