Sponsors (2)
This is not an official government website.
Copyright © 2026 PLEJ LC. All rights reserved.
Introduced December 9, 2025 by Gary C. Peters · Last progress December 9, 2025
Creates a federal program to improve cybersecurity for commercial satellite systems by requiring an interagency strategy, a Government Accountability Office study, and a publicly available Commerce-run clearinghouse of voluntary cybersecurity resources and consolidated best practices. The legislation directs Commerce, FCC, CISA, and other agencies to coordinate with private-sector operators and standards bodies, sets specific deadlines for a strategy (120 days) and clearinghouse (180 days), and requires reporting and updates to Congress, while explicitly not designating satellites as a new critical infrastructure sector or changing agency authorities. The bill focuses on information-sharing, guidance, and coordination (including materials aimed at small businesses) rather than creating new regulatory penalties or spending authorizations; it also allows for a classified annex to the GAO report and limited handling of controlled unclassified information in the clearinghouse.
The bill centralizes federal coordination and creates public guidance and a fast timeline to boost commercial satellite cybersecurity—potentially improving resilience—while relying on voluntary measures and creating privacy, resource, and compliance-cost risks that may limit practical effectiveness, especially for small operators.
Federal agencies, industry, and infrastructure sectors get a coordinated federal strategy to strengthen commercial satellite cybersecurity (120‑day strategy plus ongoing federal coordination), improving national resilience to space-related cyber threats.
Small satellite companies and infrastructure operators gain a free, centralized, public clearinghouse and consolidated cross‑agency technical guidance that can improve system security and simplify compliance.
Owners/operators of commercial satellite systems face clearer legal definitions of covered systems and a designated implementing authority (Secretary of Commerce), reducing regulatory uncertainty and clarifying where oversight will be directed.
Because the clearinghouse and guidance are voluntary, weaker actors may not adopt recommended practices, leaving systemic risks in the commercial satellite ecosystem and limiting national resilience.
If the strategy or follow-on implementation results in new mandates or the Act's cross-references are interpreted broadly, small satellite operators and tech firms could face significant new compliance costs.
Requiring or encouraging companies to share vulnerability or operational information with a centralized federal clearinghouse raises privacy and proprietary-information concerns and could deter information sharing.