Satellite ground systems represent an often neglected aspect of cyber security when dis-cussing Air Force and Department of Defense cyber vulnerabilities. An increasing amount of cyber security research and attacks focus on space ground systems in the form of satellite con-trol, satellite communications terminal hacking, and GPS spoofing. Public evidence exists demonstrating nation-state adversary willingness and intent for attacking these systems. Ground systems find themselves in a gray area of compliance between the two cyber security risk man-agement regulations DoDI 8510 and Committee on National Security Systems Instruction 1253. Both require compliance to security controls, but neither build in the evaluation or mandatory controls necessary for the mitigation of risk. A further examination of private industry standards and theory shows better methods of mitigating cyber security risk via simplifying the security controls necessary, using time-based methods for analyzing controls, and conducting preventa-tive cyber security engineering on new systems for the provision of information assurance.