Q&A

An Interview with Swiss Cyber Startup CYSEC on Space Expansion

Cysec Space image

Last week, Switzerland-based CYSEC announced it had extended its seed round by 4M Swiss francs ($4.3M) to 7M Swiss francs (~$7.5M). Founded in 2018, the company creates “confidential computing” products designed to harden highly sensitive data used in clouds, data centers, and at the “edge.” 

The fintech-focused cyber startup plans to use new funds to expand into two target markets: cryptocurrency and edge computing, which includes space. The company participated in ESA’s incubator program, and more recently, launched its first-gen embedded system on SpaceX’s Transporter-3 mission. 

We spoke with Mathieu Bailly, CYSEC’s VP of space, about the trials and tribulations of building end-to-end security systems for new satellites and spacecraft. NB: The following interview has been edited for length and clarity.


You say that “satellites are built to last, but aren’t built with security in mind.” Mind elaborating?

Historically, space engineers have focused on reliability and durability—maximizing the service life of satellites—often at the expense of security. Think of satcom buses, for example, getting very profitable once they have passed their expected life duration. The same engineers have been asked to develop new space missions which require a radically different approach as the exposure to cyberattacks has increased dramatically. New space missions in particular have shorter lifespans, with less constraints on durability, but much more on security. Hence the need to change the paradigm in the approach of developing spacecraft.

When and why did you decide to make space a target market?

CYSEC was founded in 2018, and back then, was focusing on fintech. I decided to join the team when I realized that the thousands of satellites to be launched and valuable data collected would make space a paradise for cyber criminals. We took part in the ESA incubator program, where we performed extensive market research that clearly confirmed there was a need to be addressed, particularly in the new space segment.

From a technical perspective, what does it take to extend your core competency—secure, confidential computing—to space? What extra steps do you have to take? 

Securing mission control software and handling telemetry/telecommand (TMTC) data on the ground is not so different from securing crypto-trading software. However, securing on-board software and data required developing an embedded version of our product, capable of running on all popular architectures used by satellite manufacturers and operators. The first generation of our on-board product was launched on Jan. 13 with the Transporter-3 mission. We just managed to successfully communicate and will begin testing shortly.

Why is it harder to secure space compute/data processing than assets on Earth? 

On-board security is more challenging just because space is challenging to start with. Then, you add the complexity security mechanisms with a minimum impact on all budgets available on board and without adding risks to the mission. We spend a lot of effort explaining to space engineers that security is here to help, to contribute to the success of the mission, and does not aim at making their lives more complicated. Security should be seen as an enabler to the business case and should help convince clients that the service is resilient and sustainable by design. There is a lot of education to be done in the space market.

What is the status quo of infosec for satellites and in-space assets today? What is the threat landscape/surface like? 

Operating space assets require a complex, distributed architecture. There is an orbital system, (or even a lot of them), a mission control center, a cloud infrastructure, a ground stations network, and sometimes, terminals on ground. There are usually two links, one for the TMTC data and one for the payload data, potentially doubling the complexity. That makes a large attack surface with many potential entry points for an attacker.

So far, only governments have been able to afford the security solutions offered by a handful of historic players. However, these solutions are lightyears away from being to fit the needs of smallsat, LEO, new space, and commercial missions, which tend to be a lot less mature in terms of security. That’s the case for two reasons: 1) There is a lack of expertise within these teams and 2) there are no products available off-the-shelf. This is where we are trying to help. 

Related Stories
EOQ&A

Understanding AI’s Impact on Space Data with Planet’s Head of Product

Payload spoke to Nate Gonzalez, Planet’s head of product, to understand what the last year of AI hype means for earth observation companies like his. 

PolarisQ&A

Rep. Eric Sorensen on Space Travel, Safety and Shuttle Ties

A space leader on Capitol Hill is looking at how to eliminate gaps between the agencies that oversee human spaceflight over concerns about maintaining the highest safety standards. Rep. Eric Sorensen (D-IL), the ranking member of the House space subcommittee, pointed out the multitude of groups that have a hand in regulating spaceflight, from the […]

Q&AStartupsTechnology

A Q+A with Sita Sonty, Space Tango CEO

Sita Sonty has only been CEO of Space Tango for a couple weeks, but she already has big plans for the company, including opening a new fundraising round and growing the startup’s global client base.  “Details are in the works. It is a private, friends and family round,” she told Payload. “A big part of […]

BusinessCivilMoonQ&A

Q&A with ispace US CEO Ronald Garan

The countdown has started on ispace’s NASA-backed date with the Moon in June 2025, and the US team has locked itself in a room this week to game out the details.  The company began a four-day exercise on Monday akin to a military-style wargame that will help the company zero in on when the spacecraft […]