YOU'VE BEEN HIRED.
Two mandates now govern the cybersecurity of satellite command and control. In the United States, Executive Order 14144 directs cybersecurity requirements for civil space systems that include protection of command and control: encryption of commands, integrity of commands in transit, verification that an authorized party is the source of each command, and rejection of unauthorized command and control attempts. In Europe, the NIS2 Directive (EU) 2022/2555 designates Space a sector of high criticality and applies to operators of ground-based infrastructure that supports space-based services, the category this organization operates in. The directive requires cryptography and encryption, access control and multi-factor authentication, incident handling, and incident reporting on fixed deadlines: an early warning within 24 hours, an incident notification within 72 hours, and a final report within one month.
You have been hired as the change agent to prepare this organization's response. Three functions defend the platform: the Security Operations Center, the Satellite Operations Center, and Satellite Development and Engineering. Each currently describes the platform in its own terms, so a finding is re-translated at every handoff and evidence prepared for one regulator does not carry to the next. Your assignment is to bring all three onto one shared method of five functions, decompose the platform, model the threats against it, engineer converged detection, prepare incident response, and manage the adversary, on one machine-readable framework: METEORSTORM.
The organization's response to both mandates draws on the deliverables those five functions produce. The decomposition documents the command path under protection, and the threat model records the risk basis regulators expect to see. Converged detection engineering and incident response preparation support the organization's ability to detect, report, and recover within the required deadlines, and adversary management works to keep the protections effective over time. Over the ten days ahead you produce each artifact and assemble the evidence behind the response.
The schedule is ten days. Day Zero is orientation. Days one through five, you run the method, one function per day. Days six through ten, you work missions in the Satellite Operations Center.
Before day one, you sit through orientation: how the team thinks, why space is no longer a sanctuary, and the shared language that holds the rest of the work together.
▶METEORSTORM OverviewYour first five days on the job. One function each day, in order, running the METEORSTORM method end to end on the platform. Each function's deliverable supports the organization's work to meet Executive Order 14144 and the NIS2 Directive.
Before the organization puts you on the floor, it verifies your command of the method. Forty questions, drawn at random across the five functions you just ran. Score 80% or better to pass. Your results include a topic breakdown and a question-by-question review showing exactly what to revisit.
Your next five days. You work in the Satellite Operations Center, one scored mission each day, from standing up the team to running a full incident response. The missions exercise the organization's ability to detect, report, and recover as Executive Order 14144 requires, within the deadlines the NIS2 Directive sets.
Before it signs you off, the organization verifies that your work on the floor holds under examination. Forty questions, drawn at random across your five missions. Score 80% or better to pass. Your results include a topic breakdown and a question-by-question review showing exactly what to revisit.