At the DefSat Conference and Expo 2026 held in New Delhi on 26 February 2026, India’s primary cybersecurity authority, the Computer Emergency Response Team (CERT-In), unveiled a dedicated Space Cyber Security Framework. The development represents a major step in the evolution of India’s cyber governance approach, highlighting a transition from general cybersecurity mandates to sector-focused resilience structures aimed at protecting critical national infrastructure. The framework is being recognised as a landmark move to secure India’s fast-growing space sector, which now includes commercial satellite operators, the Indian Space Research Organisation (ISRO), and a rising number of private entities encouraged by the liberalised NewSpace policy environment. 

The Need for a Space-Specific Cybersecurity Framework  

Historically, India’s cybersecurity governance efforts have concentrated on sector-specific protections for the financial services industry and the power and energy grid—both recognised early as critical infrastructure demanding dedicated regulatory frameworks. The space domain, however, presents a unique set of cyber risks. Elements such as ground control stations, telemetry and command systems, satellite communication payloads, and software-defined radio platforms used in modern spacecraft are exposed to threats including signal jamming, spoofing attacks, uplink takeovers, and supply chain intrusions. The newly introduced framework aims to mitigate these vulnerabilities by establishing technical guidelines, incident management protocols, and compulsory baseline safeguards for all entities operating within India’s expanding space sector. 

DefSat 2026: Advancing the Security of Critical Infrastructure  

The framework was unveiled at the DefSat Conference and Expo 2026, which took place in New Delhi from 24 to 26 February, providing a highly relevant setting for the announcement. Recognised as India’s foremost gathering for defence, satellite, and space technology stakeholders, DefSat assembles policymakers, industry leaders, technologists, and procurement officials who collectively shape the security framework of the country’s most sensitive infrastructure sectors. CERT-In’s decision to introduce the Space Cyber Security Framework at this forum underscores a conscious effort to align cybersecurity governance with the operational priorities of the defence and space community, rather than treating it purely as a civilian information technology issue. Industry representatives at the event reportedly responded positively, appreciating the framework for bringing much-needed regulatory direction to a sector that has so far lacked specialised oversight. 

What It Means for India’s NewSpace Ecosystem  

The introduction of the framework comes at a pivotal moment. Since the NewSpace reforms of 2020, India’s space sector has witnessed accelerated liberalisation, allowing private companies to participate in satellite launches, manufacturing, and operational services. This shift has led to the emergence of a diverse and rapidly growing ecosystem comprising startups as well as established aerospace firms, all managing digital infrastructure that now falls under CERT-In’s expanded oversight. For private operators, the framework establishes compliance requirements and mandatory incident reporting mechanisms, which will require enhanced cybersecurity investments. For government institutions, it sets a common reference point that enables stronger inter-agency collaboration and coordinated responses to cyber incidents. Overall, the framework contributes to a more integrated and secure national space ecosystem. 

Setting a Standard for Emerging Critical Infrastructure Areas 

While the framework directly addresses the needs of the space sector, its broader significance lies in its potential to serve as a blueprint for domain-specific cybersecurity measures across other emerging areas of critical infrastructure, including quantum communication systems, undersea internet cables, and AI-powered public service ecosystems. India’s decision to design specialised frameworks for each high-risk sector, under the technical leadership of CERT-In, reflects a mature recognition of the varied threat landscapes that modern digital governance must manage. With initiatives such as the IndiaAI Mission expanding sovereign compute infrastructure and the country’s digital public platforms growing in scale and complexity, the demand for equally sophisticated cybersecurity structures will inevitably rise. CERT-In’s announcement at DefSat 2026 signals India’s leadership in shaping this evolving governance model.