The US Government Accountability Office (GAO) reviewed NASA projects, highlighting optional security policies and standards, urging NASA to update its cybersecurity practices, as the agency faces challenges balancing security requirements with engineering constraints unique to space machinery. NASA CIO argued against a one-size-fits-all security approach citing the diverse nature of spacecraft and constraints in weight, space, and power. The need for intertwining security with operational technology and addressing worst-case scenario threats was emphasized
GAO recommended NASA develop a plan to enhance policies, recognizing the gradual process required, balancing policy foundation and technology implementation. NASA's cybersecurity improvements are crucial in safeguarding critical systems and personnel onboard, considering potential risks like signal interference affecting navigation or life maintenance systems. ```https://www.darkreading.com/ics-ot-security/gao-nasa-faces-inconsistent-cybersecurity-across-spacecraft