Kaz Vogel (4:14)

Foreign.

Maria Varmazes (4:27)

Today is April 5th, 2026. I'm Maria Varmazes and this is T minus. For our chat. On today's show, I'm gonna hand the reins over to friend of the show and Nexus segment host Parker Wyschek of the Aerospace Corporation. In this chat, Parker interviews Brandon Bailey, also from the Aerospace Corporation, and Kaz Vogel, who is Blue Origin's Director of cybersecurity, governance, risk and compliance. This is a great discussion about all things space, cybersecurity priorities and industry collaboration. Here's the conversation.

Parker Wyschek (5:09)

And you're here in the Nexus, courtesy of the T Minus Space Daily podcast. My name is Parker Wyschek at the Aerospace Corporation. In a recent episode of Nexus, we had a conversation with Aerospace's Brandon Bailey on space cybersecurity. Kind of an overview. Today we're going to talk again with Brandon and we're excited to be joined by Cass Zech Vogel, who is the director of cybersecurity, governance, risk and Compliance at Blue Origin. We're going to talk a little bit about some of the principles branded, teed up, just that are percolating out in the space domain. But real quick, Cass, if you could describe your role and responsibility at Blue Origin.

Kaz Vogel (5:48)

Absolutely. So the wonderful thing about C, G, R and C, those are four letters that absolutely nobody wants to talk about. So in my role I get to do a lot of really interesting things across a really wide and vast and varied ecosystem. And so I'm accountable for our enterprise information security and privacy programs here at Lou. And so I like to say it's a silent G and a silent R and a silent C. And I love to Focus in on the R. So that is really the central perspective of what I like to do.

Parker Wyschek (6:31)

And you being here, having your role kind of exemplifies Blue Origin is leaning forward on space cybersecurity. I know one of the observations is that that kind of approach to cyber varies across the industry. Different companies are at a different point of the cyber readiness spectrum and commitment to shoring that up. So how do you think the aerospace industry should approach cybersecurity? You can take that on from just an overall posture perspective or get into the tactical training and simulations wise, but would love your thoughts on that.

Kaz Vogel (7:08)

So, you know, I actually, I'm an army veteran and I grew up doing space operations and that is my core discipline. And it prepared me well to think about cybersecurity in the context of a space ecosystem. And I've been doing this for a few years and we are in exciting times where we are talking about moving so many capabilities off of this planet and into near Earth orbit and far earth orbit and really, you know, interplanetary journeys. And that is so such an exciting, exciting thing to think about. When you decompose space architectures, there are lots of different elements and the things that are on the ground are a little easier. They're on the ground, you can retrofit them, you can change them out, they're easily patched. But the further off of this planet we get, the more challenging it becomes. And even from a life cycle epic, we have things that are in development and then they get integrated and test and then you get to launch and launch vehicles have their own set of considerations that are different than satellites and launch vehicles. A little more like aircraft in that we're now getting to the point where we have reusable launch vehicles and they come back down and you can retrofit them and you can patch them and you can update them. But our space vehicles, we're not there yet. You know, in cybersecurity we talk a lot about our triad, confidentiality, integrity and availability. And I think our community really focuses on confidentiality. It's kind of our default and it can be to the deficit of integrity and availability. And in space systems we have things that are critical not because of confidentiality, they're critical because of safety reasons. And you know, when you look at a cyber physical consequence, it's more often the loss of integrity or the loss of availability that can have a true mission impact. And so I like to think of having getting off of a three legged stool and having a quad. You know, let's Add safety. We have cians. And so, you know, confidentiality. I'm not saying it's not important, but we can't rely entirely on encryption and we absolutely do need to be thinking about integrity and availability as we are designing and deploying our capabilities. So I definitely think that having that cyber physical and safety context is really important, particularly for launch vehicles and satellites and lunar rovers and all of the things that are not on this planet.

Parker Wyschek (10:00)

You mentioned confidentiality against safety and it's very interesting you kind of turn confidentiality on its head in the way that the space cyber community collaborates. So I'm going to definitely segue into Brandon talking about how the community works together to share knowledge. And you were behind one of the key architects behind one of the main public tools that exist out there today to enable that.

Brandon Bailey (10:33)

Yeah, yeah. That's part of space att&ck research and tactic analysis that we built that a couple years ago out of necessity. Kind of more than anything else is we saw as space policy was coming out from the White House and the threat landscape was changing, that there needed to be some aggregation of information that as these corporations like Blue Origin and others start down this path and get us to Mars and other places, they need a data repository and knowledge base that they can just go to to pull from as it relates to threats and what to do about them. So that was kind of why we built it, based on years and years of information. And it's got pretty good adoption thus far through the community and from an information sharing perspective that brings in like the Space ISAC for instance, is as a key tool to share information. So they've adopted what we've built from the Sparta perspective too, as a mechanism to share threat intelligence data and tracking of what adversaries are doing and what attacks are happening out there.

Parker Wyschek (11:38)

Space isac, the Space Information Sharing and Analysis center, another one of those convening points in the industry where companies large and small and groups like aerospace and the US Government are all collaborating on these challenges. And the Sparta tool you mentioned is integrated in their Watch center. Sparta started out as an aerospace invention and innovation that was offered to the community public free of charge. I don't want to call it open source, but certainly the product you put out years ago doesn't look like the product that you have today based on the inputs from the community. So you said adoption was looking pretty, pretty great across the community. Characterize that a bit more. And what's the input from the community been like in evolving that tool?

Brandon Bailey (12:31)

Yeah. So from the Community input, perspective. It's been, you know, we have a email that you just email spartaero.org, but most people know me pretty well so they just reach out to me directly. But we get contributions from academic community and the government and the commercial sector as well. So they basically just send information directly to us about hey, they give us feedback or they say hey, here's a new technique that we discovered or hey, this countermeasure might need updated in this way. And we keep a running tally of non aerospace people and their contributions who are willing to be publicly attributed to contributing to Sparta on, on the website. So if you just go there and look at contribute, you'll see a long list of people that's, that's been been there. So it ranges from, you know, additions to new techniques, new countermeasures. But one of the things that we've that really is expanded and driven mostly by community feedback is like the additional tooling that we've built in there. There's all these little tools that we build and data correlations and mappings and things that we do and those are usually user driven. And one example would be in the U.S. on the U.S. side we focus on NIST 853 as a big governance compliance capability framework that the U.S. government uses. Well, the Europeans use ISO. So shortly after we launched, you know, we had all these NIST things in there. We, we, some Europeans reached out to us and said hey, that's nice and all, but we don't use NIST here, we use ISO. So could you potentially publish your stuff in correlation to the ISO standards? And I say well, sure, okay, so that's, that was something that we did there and we do, we do a lot of those things as, as the kind of the community asks for them and what they're looking for and as new things happen, like there's, there's new tools that are coming out all the time. There's like new standards. We're going to publish a mapping and translation of the new. There's a BSI standard that was put out by the German government on space cybersecurity. So we're going to have a correlation to that pretty soon. You know, the Miter embed framework came out last year, so we correlated to that. A lot of people talk about cyber security in a lot of different ways and slightly different terminology. And the term I use is the Rosetta Stone of like space cyber security. Yeah, sure. There's things over here that make sense. There's things over here that make sense. But like, how does that relate to all the other things that we kind of know about? So you can kind of go to Sparta now and you can kind of see how it relates to nist, how it relates to ISO, how it relates to MITRE frameworks, how it relates to these various other standards that are happening out there.

Parker Wyschek (15:09)

And you know, one of the new evolutions of Sparta indicators of behavior, maybe we can talk about that a little bit. Partnership with the US government led to those. Cass, you and Blue Origin are using Sparta. Talk about how you're using Sparta, if you could. And you know, how are you using insights that you gain from the rest of the enterprise and, and the use of this tool in the collaborations.

Kaz Vogel (15:32)

So I'll start by saying, you know, I actually started this work pre discap and that's dating myself. So I've seen DISCAP and Diet Cap and rmf, but I was trained on the Rainbow series and that was an original body of knowledge from nsa. And it still to this day is one of the most valuable tenants that we have. I think that, you know, we are trying multiple frameworks, but I think one of the issues is if you design, if you architect and design for compliance, you will not have a secure nor a resilient capability. And you know, I think that's pretty well understood. So when you're looking frameworks are inherently compliance framework, they're centric. I mean that's their whole intent is to say here is compliance target. Well, you know, our NIST and even ISO, they're very IT centric. And so when you are talking to spacecraft engineers, they look at the control gobbledygook and they're like, I don't know what to do with that. In the context of a GNC or an avionics assembly or our EPS subsystem, it doesn't make sense. So what you end up having is you spend a lot of time trying to contextualize the controls for a space platform for discrete avionics assemblies and subsystems. And then if you have a customer or a third party assessor, you spend an extraordinary amount of time justifying your control implementation. Here's what I love about Sparta. My favorite part is the spacecraft functional decomposition module. The reason I love it so much is because it happens to align really nicely with engineering teams. They tend to be by substance system and they, you know, even cybersecurity professionals have a hard time navigating control language and trying to think, well, how do I apply that to Yanmaos Senser? So what it and it, it helps them to say, okay, here's my subsystem, here is a way that could potentially be exploited. And this is where it gets really powerful. Those engineers, as it happens, are really smart. They understand the low level design, they understand the software and the hardware architectures and they get really galvanized around. Oh, that's what we're trying to prevent. Well, here's what we can do. And they get really creative and you just unharness, you unleash all this creative energy that in fact results in a more secure capability and you just kind of remove this abstraction layer that we find ourselves in. And I actually do consider Sparta to be open source and I love that about it. And it's also authoritative. So when we're talking to an assessor or a customer, we can simply say we did threat modeling using Sparta and here are, when we were looking at our threats and ttps, here are the countermeasures that we selected and it correlates to these controls and all of that mapping is done for the engineers. And then you kind of remove this philosophical debate about whether or not a control is appropriate or not. And did you meet it? Is that an inaccurate way to do that in the command and data handling subsystem? So you just really. I think it creates efficiencies and it accelerates the entire development life cycle.

Maria Varmazes (19:38)

We'll be right back.

Sponsor/Advertisement Voice (19:42)

When it comes to mobile application security, good enough is a risk. A recent survey shows that 72% of organizations reported at least one mobile application security incident last year. And 92% of responders reported threat levels have increased in the past two years. Guard Square delivers the highest level of security for your mobile apps without compromising performance time to market or user experience. Discover how Guard Square provides industry leading security for your Android and iOS apps at www.guardsquare.com.

Maria Varmazes (20:28)

And now a word from our sponsor, arcova. Formerly Morgan Franklin Cyber, arcova is a global cybersecurity and AI consulting firm. Built by practitioners who've been in the seat, they work directly with enterprise teams to solve complex security challenges, building secure by design programs that hold up as technology and threats evolve. From focused engagements to long term partnership, arcova delivers outcomes that endure because no one should navigate complexity alone. Learn why leading Global Enterprises Trust arcova@www.arcova.com that's a R C O V A dot com.

Parker Wyschek (21:20)

I wasn't, I wasn't aware of that feature. I love that, I love that there's layers and layers. If you haven't played around in Sparta or aren't familiar with Sparta or the Mitre framework, it's tactics, techniques and procedures that kind of flow together in a likely attack chain. I want to say likely attack chain that is comprised, if the database is comprised of both, you know, seen in the field threats as well as lab tested threats. Brandon, maybe talk a little bit about what people are going to see in Sparta and then I really want to come back to something Cass said after you're done with that.

Brandon Bailey (21:57)

Yeah, so it is, it is, you know, thinking about the inventions or whatever like MITRE pioneered, I don't want to take credit for, for their work that they did because they kind of set the industry standard on, on organization of, of knowledge bases around cyber security with tactic techniques and procedures. So we just kind of said, hey, what's out there that works? And that's what works. So we kind of adopted that. So what you do, you see, you see tactics techniques in like a matrix format. And the matrix format is good because what you're talking about, attack chains, it's, it's multiple permutations can happen, right? So like you can gain initial access from one way, but then from there you can do these 10 other things and there you can do these other things. So it kind of ties together that way. And what, what, what we try to do is like, for every time there's a technique is there's correlating countermeasures and like, what. One of the things that we do that other people don't do in their frameworks is like, we are really countermeasure focused. Like, yeah, we, we document the threat landscape and the threats, but the whole point of that is just to drive the countermeasures that we think need to be implemented. So, so we're just trying to lower that activation energy for people to say, hey, these are the countermeasures that I need. So you have all the threats, you have a laundry list of countermeasures. And then, oh, by the way, if you pick these countermeasures, it helps you be compliant with these standards that Cass talked about. So that's, that's kind of how it's laid out. And, and what she's talking about was this, the spacecraft mapper. That was a feature that we added a couple releases ago for that, for that purpose of building secure components and secure subsystems in the spacecraft, people were having a hard time understanding how these individual techniques and controls actually apply to a Sun sensor or a reaction wheel or a commanded data landing subsystem. So now you can Just go in there and click Sun Sensor and you can see all these things. These are the techniques. And then what we also did was correlate to miter common weakness enumeration. So like typically these systems or components could have certain weakness types. And what we did was like we, we correlated those to certain weakness types and then we, we also correlated Those with the NIST 800160 design principles for secure system engineering. That way what you said, hey, if I'm building this sun sensor or the subsystem, you can kind of just go here and it's like, oh, these are all the things I need to look, worry about preventing. Oh, here's all the types of things I should look at. And oh, by the way, here are the design principles from NIST 800160 that I should consider to mitigate those. It all kind of ties together. So the whole point is just like, let's just lower the activation energy for all these people to build the security in. If you do all the hard work once, it's going to make a lot of the stuff on the back end for the actual implementers to be a lot easier. And that's the whole focus of what we're trying to do.

Parker Wyschek (24:43)

Cass, the way you were talking about how you're using this tool really clicked for me. You're not not just playing an arbitrary what if game, you are really bringing these insights, this readiness posture preemptively and proactively into the product design life cycle, the system design life cycle. And if you kind of take that thread to the larger scale, the systems of systems and space ecosystems life cycle, talk a little bit about how that approach is helping the industry writ large, stay ready and innovate in this, in a domain that is marked by threats. Well, and for both of you.

Kaz Vogel (25:31)

Yeah. So, you know, it's an interesting thing. So when you're doing, when you're trying to approach your design from a risk centric perspective, part of doing a risk assessment is understanding what's the likelihood that we're going to actually encounter this threat and actually have an exploit. And so that has been really challenging. And I'll say that in trying to figure out, in fact, Brandon and I did a really interesting exercise where we looked at a whole bunch of frameworks and we looked at, you know, we kind of did this, this heat map based on it was enabled by the watch center and the space isac. And they said, well, here are, you know, the reports that we received. And they kind of said, here are the ones that we're seeing the most of. And so what you can, you can kind of extrapolate that and say, oh, this might be an indicator of where we have the most threat. And so we would be thinking about those sorts of things and how so that, that likelihood and the actual risk assessment mathematical approach that you take. And you know what the other thing that it does from a technology perspective, whether you're, you know, buying a commercial capability or you're making something, you can kind of say, oh, interesting, okay, we know that there's a lot of threat in this area and yet we have assemblies, avionics assemblies that have no organic capabilities to react. So I would say that's been another one of the interesting things where you could say we have an inadequacy of technology to respond to the threat environment. And if you're trending it over time, that also can help. And so I think not only pointing out where we have technical issues to overcome, it also helps us to I think, understand, oh, do we have architectural things we need to be thinking about? Because if you have technology and you know, limitations, you have to kind of think about, well, where can we, where can you put countermeasures if not in the native subsystem?

Brandon Bailey (27:51)

Jumping on that point. So the, the whole likelihood conversation, that's a debate always within itself of how likely something is to happen. And, and you know, it's, you never really know truly. But one of the things we try to do in Sparta, which we've gotten a lot of good feedback on, is we've already pre prioritized and published notionally what we feel like the likelihood would be, assuming there is a highly motivated adversary that's going to attack your system. Given that we don't understand every design, but just a notional design like a standard space vehicle based on kind of historically how they're built, we've already kind of pre prioritized the likelihood of those and giving those out to people because like a, a command link injection, a RF based attack is a lot different and more likely than maybe some sort of proximity operations type thing. Right? Those are completely different things. And so their likelihoods are going to be kind of different notionally. So we pre prioritize that for people and to try to give them that leg up of like, okay, these are the things I might need to worry about the most. And you know, that's, that's out there for people to consume as well because you're not gonna be able to mitigate all 150, 200 techniques. So it's like, all right, which 10 do I do? And we've already kind of pre, prerated those for people to hopefully help them, you know, start down the right path quicker.

Kaz Vogel (29:13)

And I think, if I may, the other thing, for anyone who has ever been, I like to call it a cage match. And that's around space weight and power, where those budgets are bogarted by very mean engineers. The chief engineer is unwilling to give up anything. And so when you're thinking about cybersecurity, it's kind of considered an overhead function, not necessarily part of the core mission set. So every single cycle of compute that is used for cybersecurity takes away from the core mission set. And so having an understanding truly of what are the top things that we are trying to protect against, we need to be very, very precise in that. And for that very reason, these vehicles are very swap constrained. And we need to make sure that the maximum swap is for its core mission.

Parker Wyschek (30:18)

I would love to know what's missing from the nation's space cyber palette. Are there tools or infrastructure components or government governing bodies, convening bodies that either need to evolve or that we don't have right now? It can even be an evolution of the Sparta tool itself that you have in mind. We'll start with Cass and then Brandon. What does the nation need more of for space cyber readiness?

Kaz Vogel (30:42)

There are two things that would be such catalysts for the broader international space community. The first one would be a cyber threat intelligence heat map. And this has been extraordinarily challenging to even get, you know, you know, a heat map. And, you know, and normally that the intelligence community has all the really great data and it's really hard for them to figure out how they abstract, you know, all the, their sources and methods and give an actionable product to even, you know, the American space industry. So that would be one. If we could tackle that challenge, I think that would be huge. The other thing that I would say is that, and this might sound a little funny, but when it comes to space vehicles, satellites and things that don't return hopefully to earth that we deploy, when you're looking at individual, you know, avionics assemblies, most of them do not have the ability for in flight updates. That is such a basic capability. And if we could do that, we could make so many advancements in terms of our ability to respond to threats over time. And what we know about space capabilities is most of them far exceed their design life. And so we need to be thinking about how do we maintain these, how do we set them up to be resilient for the threats that we don't even know about yet.

Parker Wyschek (32:33)

Maybe I'm a little naive. That's a little surprising to hear, Cass. And listeners might agree. Is that just a recent recognition or

Kaz Vogel (32:43)

is that just a little bit of that? I think we've been overly focused on encryption. We do over the air wreaking absolutely no problem. That's a very well understood thing. But if you're talking about a sun sensor or reaction wheel, many of those assemblies, they don't do command authentication. They will accept a command from anything and it may or may well not be, you know, a well defined command, but they certainly are not necessarily something that you could, while it's in orbit, update. And I think that is very largely true with the exception of probably encryptors.

Brandon Bailey (33:21)

Brandon, I guess onto your, your first question. What, what do we need more of the, the threat intel heat map is, is, is a good one. That's, I think that actually applies almost about any industry to be honest with you, is actionable threat intelligence data and hopefully the space isac, you know, they're helping us get down that pathway. But you're constrained by the data you have, right? You can't just make things up out of thin air. So, so that's a good one. So I'd be probably a little more technical in my answer, at least from what I, what I'm seeing. The TRL level of some of the cyber technology that we feel like we need to run on these swap constrained environments, I think needs to advance a little more because they are swap constrained. You can't just throw a new hardware thing up there. There's too much power, there's too much size. A software thing may have too much processing. We may not know all the, you know, what it looks like. So we try to, we try to tackle that a little bit, you know, in Sparta and a few other things. That was the indicators of behavior thing that you mentioned earlier is because there is close to consensus on the fact that we feel like we should be monitoring for cyber type anomalies and cyber type faults and attacks on a spacecraft. So with that we pushed out those indicators and behaviors last year to educate people on what it could look like so they could build these intrusion detection type capabilities, cyber anomaly detection capabilities on space vehicles. So that CRL is pretty low right now on like being able to detect and respond to cyber anomalies, if you will, on the, on the vehicle. And then thirdly is a less technical thing is, is more the Just the knowledge, the knowledge of the, the threat and the reality and the changing of the. On a perception or culture is probably the right word. I get it. Spacecraft engineers, especially ones that have been working in this area for a long time, right, They've built things for 20 years, nothing bad's ever happened. And then you have the cyber people coming to say, look, the Scout's falling, all the bad things are going to happen. And it's like, well, we've been doing this for 20 years and nothing bad happens. And now I got to do all this stuff that I don't want to do. So like that's a culture thing. And unfortunately what tends to change those type of viewpoints and culture is these black swan type events that tend to happen globally that then just change people's minds instantaneously. Hopefully never have to get there to that type of thing. But that's something, just a culture change and that would be really beneficial because then you'll open people's minds up and then all the other stuff, then you'll have technology investment and then you'll have all these other things that kind of come downstream from, from that culture shift.

Parker Wyschek (36:10)

Cass, I think one area you'd love for the industry to focus on a little bit more is actionable thread ops. Let's talk about that.

Kaz Vogel (36:19)

You know, so avionics assemblies are amazing. There is no shortage of telemetry, but their telemetry isn't really giving you. It wasn't over purpose built for cybersecurity indicators. You know, like in an operating system you have, you know, security audit logs, but then you have application logs and other things about performance and consumption. So avionics assemblies were never built to give us cybersecurity relevant information about these assemblies that are in space. So what you end up seeing oftentimes are called a single event upset, which is the space lexicon for, I don't know, it was definitely anomalous. Don't know if it was a solar flare, could have been a bad actor, could have been a rendezvous proximity op, who knows what that was? But it's an seu. But if we had. And so, you know, I think that's kind of where Brandon is going is to say here are, you know, indicators of behavior or indicators of compromise. And so if you can say, look, here are normal, you know, operations here is off nominal and here are the things that might be an indicator of compromise. You can really shorten, you know, that, that decision. And we have to, we can't have humans combing through, you know, giant hill stacks of telemetry. Time to figure out what just happened. And so that is actually a technology limitation today, I would submit. So I want to see that you can get to ThreatOps. If you don't have that context, you can't.

Parker Wyschek (38:02)

I think that's a great place to end it. There's a whole community of the space cyber community working on just that, on solving all the technical challenges. We got to talk with just two of those folks today. Cass Vogel at Blue Origin, Brandon Bailey at Aerospace. Look for them on the space cyber circuit. If you are interested in contributing to Sparta or joining the Sparta community, Visit the website sparta. Aerospace.org or email spartaero aero.org we'd love your input. In the meantime, I am sure that we'll be revisiting Cyber in this segment on a future episode. Until then, we'll see you next time here in the Nexus.

Sponsor/Advertisement Voice (38:47)

Foreign

Maria Varmazes (38:50)

that's T minus Deep Space brought to you by N2K CyberWire. We'd love to know what you think of our podcast. Your feedback ensures we deliver the insights that keep you a step ahead in the rapidly changing space industry. If you like the show, please share a rating and review in your podcast app or you can send an email to space2k.com we're proud that N2K CyberWire is part of the daily routine of the most influential leaders and operators in the public and private sector. From the Fortune 500 to many of the world's preeminent intelligence and law enforcement agencies, N2K helps space and cybersecurity professionals grow, learn and stay informed. As the nexus for discovery and connection, we bring you the people, the technology and the ideas shaping the future of secure innovation. Learn how@n2k.com N2K's lead producer is Liz Stokes. We are mixed by Elliot Peltzman and Trey Hester with original music by Elliot Peltzman. Our Executive producer is Jennifer Ivan. Peter Kilpe is our publisher and I am your host, Maria Varmazes. Thank you for listening. We'll see you next week and Godspeed. Artemis 2.

Brandon Bailey (40:04)

Sa.

Parker Wyschek (40:30)

Foreign.

Sponsor/Advertisement Voice (40:39)

Ever wished you could rebuild your network from scratch to make it more secure, scalable and simple? Meet Meter, the company reimagining enterprise networking from the ground up. Meter builds full stack zero trust networks including hardware, firmware and software, all designed to work seamlessly together. The result? Fast, reliable and secure connectivity without the constant patching, vendor juggling or hidden costs. From wired and wireless to routing, switching, firewalls, DNS, security and vpn, every layer is integrated and continuously protected in one unified platform. And since it's delivered as one predictable monthly service, you skip the heavy capital costs and endless upgrade cycles. Meter even buys back your old infrastructure to make switching effortless, transform complexity into simplicity, and give your team time to focus on what really matters, helping your business and customers thrive. Learn more and book your demo@meter.com cyberwire that's M E T E R.com cyberwire Sam.