The National Aeronautics and Space Administration (NASA) is taking significant steps to incorporate cybersecurity into its software evaluation process to ensure the security of its missions. In addition, the agency is ramping up efforts to enhance cybersecurity education and training as part of a broader initiative to bolster the cybersecurity workforce, as reported by The State Journal.
NASA’s Katherine Johnson Independent Verification and Validation Facility (IV&V) has traditionally focused on reviewing software utilized by the space agency to identify and rectify bugs that could potentially result in mission failures. However, in recent years, IV&V has expanded its scope to include the assessment of ground systems, with a specific emphasis on identifying cybersecurity risks within the software and their potential impact on NASA’s operations.
At present, IV&V employs approximately 12 practitioners who are involved in one or two projects at any given time, with plans to further expand its workforce in the near future, according to NASA IV&V Deputy Lead for the Safety and Mission Assurance Support office, Manny Cordero. Cordero highlighted the unique approach taken by IV&V, which integrates traditional assurance and software engineering roles with cybersecurity to independently evaluate the design, architecture, and structure of space systems.
Moreover, IV&V’s cybersecurity educational outreach program is designed to offer summer and year-long internships, as well as integrating cybersecurity education into its core focus areas. By prioritizing cybersecurity, NASA aims to not only strengthen its own cybersecurity measures but also contribute to the growth of the cybersecurity workforce in the state.
Cordero emphasized the importance of technology in enabling progress but also underscored the potential risks associated with its misuse. He emphasized the critical need for robust cybersecurity measures, as much of our daily lives and business operations are increasingly reliant on technology. Cordero stressed the importance of addressing the existing talent gap in cybersecurity and cultivating a sustainable cybersecurity workforce to meet the evolving security challenges.
In conclusion, NASA’s proactive approach to incorporating cybersecurity into its software evaluation process and its commitment to cybersecurity education and training reflect a broader recognition of the indispensable role that cybersecurity plays in safeguarding critical infrastructure and operations. By investing in cybersecurity measures and nurturing the next generation of cybersecurity professionals, NASA is not only enhancing its own security posture but also contributing to the overall resilience of the cybersecurity workforce.