author photo
By Bruce Sussman
Wed | Feb 12, 2020 | 10:22 AM PST

What if someone, or some government, took control of GPS?

Planes could go off course, Amazon packages would not get delivered, and you might be completely lost trying to drive to your offsite meeting.

GPS is part of the fabric of our daily lives.

And according to research by the National Institute of Standards and Technology (NIST), GPS-based services getting hacked or failing "...could result in $30 billion to $45 billion in economic losses over a 30-day period."

Increasing the resiliency of GPS services

Today, President Donald Trump signed an Executive Order designed to look at how resilient and how vulnerable GPS is. It actually goes beyond GPS to focus on a wider category of Positioning, Navigation, and Timing (PNT) services.

The U.S. Department of Defense sums up the move:

"The Executive Order seeks to ensure that the nation's critical infrastructures build in resilience against disruptions to GPS or any other single source of PNT. Under the Executive Order, NIST and other federal agencies will work with the private sector to identify and promote responsible methods of using PNT services—from GPS and other sources—that appropriately manage risks. These efforts will leverage the existing National Infrastructure Protection Plan and NIST Cybersecurity Framework."

The NIST Cybersecurity Framework is rapidly becoming the most widely used framework for securing organizations. Its implementation is taught on nearly every SecureWorld conference agenda.

[RELATED: 5 Things to Know as NIST Cybersecurity Framework Turns 5]

So it looks like the NIST framework will soon help protect GPS. Different parts of the Executive Order will be phased in over 90-day, 180-day, and 1-year windows of time.

Read it for yourself: Executive Order on Strengthening National Resilience through Responsible Use of Positioning, Navigation, and Timing Services

[RESOURCE: SecureWorld offers training workshops on implementing the NIST Cybersecurity Framework for your security program. Look for SecureWorld PLUS courses on each regional conference agenda.] 

Comments