In September, the Space Rapid Capabilities Office (Space RCO) awarded a 1+ billion-dollar contract to over twenty companies for the Rapid Resilient Command and Control (R2C2) program. This program aims to modernize ground systems to a cloud-based architecture. Twenty companies won the contract and were awarded an initial payment of 600,000 dollars to better understand how to work with classified information.
This acquisition and move to a cloud-based architecture poses several cybersecurity challenges. The first is the potential for companies to be unfamiliar with classified environments and information, leading to a potential social engineering operation against employees. Second, projects may be outsourced to sub-contractors with minimal vetting or improper maturity against CMMC. Lastly, while the cloud-based architecture allows for resilient operations and cost-effective computing, it does introduce new vulnerabilities. This is particularly highlighted by Microsoft unveiling Cloud Service CVEs this past June (2024).
News Article:
Space Force kicks off $1 billion cloud-based satellite operations program
Microsoft:
Toward greater transparency: Unveiling Cloud Service CVEs
https://msrc.microsoft.com/blog/2024/06/toward-greater-transparency-unveiling-cloud-service-cves