CERT-In Framework for Space Cyber Security

Key Facts and Data Points

• Agency: Indian Computer Emergency Response Team (CERT‑In) – designated under Section 70B of the IT Act, 2000.
• Collaboration: SatCom Industry Association (SIA‑India).
• Release Date: 27 February 2026.
• Scope: Advisory framework for all stakeholders – government agencies, satellite service providers, ground‑station operators, vendors, and private space enterprises.
• Core Provisions:
• Threat Assessment: Signal jamming, spoofing, unauthorized command uplink, ground‑station compromise, firmware manipulation.
• Segment‑wise Security Controls: Authentication, encryption, access‑control, intrusion‑detection across space segment, ground infrastructure, communication links, user terminals.
• Incident Response: Detection, response, reporting in line with CERT‑In directions.
• Governance: Mandatory appointment of a Chief Information Security Officer (CISO) for SatCom operators.
• Supply‑Chain Security: Risk assessment, equipment certification, vendor vetting.
• Alignment with Global Standards: ITU, CCSDS, NIST, SPACE‑Shield, TREKS, SPARTA.

Background and Context

• India's space programme has expanded rapidly with commercial launches, satellite constellations, and private participation.
• Cyber‑threats to space assets can disrupt critical services such as communication, navigation, weather forecasting, and defence.
• Internationally, nations are formulating space cyber‑security doctrines; India’s framework seeks to keep pace with these developments.

Significance for India / Governance / Policy

• Strategic Autonomy: Protects sovereign space infrastructure, essential for national security and economic growth.
• Resilience Building: Promotes a secure‑by‑design approach, reducing vulnerability of mission‑critical systems.
• Regulatory Oversight: Enhances the role of CERT‑In as the nodal agency for cyber‑incidents in the space domain.
• Private Sector Enablement: Provides clear guidelines for emerging private space players, fostering confidence and investment.
• International Credibility: Alignment with global standards positions India as a responsible space actor.

Related Constitutional / Legal Provisions

• Information Technology Act, 2000 – Section 70B: Empowers the government to designate a national agency (CERT‑In) for cyber incident response.
• Space Activities Act (draft): Anticipated to incorporate cyber‑security obligations for licence holders.
• Ministry of Electronics & Information Technology (MeitY) Policies: Oversee implementation of cyber‑security frameworks across sectors.

References

• Indian Computer Emergency Response Team (CERT‑In)
• International Telecommunication Union (ITU) Space Cyber‑Security Guidelines
• Consultative Committee for Space Data Systems (CCSDS) Security Recommendations