STRONGLY PLACED TO COUNTER THE GROWING CYBER THREAT
By Steve Neville, Lockheed Martin, UK
The new battlefield is cyber space and LM is using its own experiences to offer customers in the UK a proven capability in tackling this growing menace
It’s increasingly viewed as the one of the biggest emerging threats to the UK and other countries for decades. The fear that a country could be brought to its knees by a cyber attack is moving rapidly up the Government agenda and Lockheed Martin UK is in a strong position to address the requirement for counter and preventative measures.
Lockheed Martin UK has a vision to offer a collaborative, transformational solution that draws on its existing investment, takes advantage of real time experience and brings to bear operational capability that has been developed to address one of the most attacked cyber networks.
Less than a year ago, no-one had heard of Stuxnet but this cyber worm that targets industrial software and equipment has become indicative of how a computer virus can bring chaos to a nation’s commerce and the everyday lives of the population.
Part of Lockheed Martin’s capability is based on its own experience in repelling attacks which can number 100 a month and can present a threat to the company’s 175,000 work stations, spread over 63 countries. LM handles some 25 million e-mail messages and 300 million web requests every day. Often, the threats employ sophisticated techniques to penetrate company networks and obtain sensitive information.
No single Commercial Off the Shelf (COTS) product can counter advanced persistent threats (APTs) and, as a result, Lockheed Martin has developed custom tools to detect intrusions, quickly pivot through mountains of data and enable analysts to gather necessary intelligence to detect and mitigate future attacks.
In 2008, Lockheed Martin opened its own Security Intelligence Centre (SIC) in the US to provide real time defence in depth, identification and response to advanced persistent threats, and operational threat and information sharing. There are now two Centres – at Gaithersburg and Denver – with experts in intrusion analysis, malware reverse engineering, digital forensics and intelligence fusion.
The SICs provide Lockheed Martin with a unique capability to mitigate singular events and sustained campaigns, using detection and analysis, proprietary processes and custom tool development. As part of their work, SIC analysts have developed a Cyber Kill Chain model for intrusion analysis. This enables them to identify patterns in repeated campaigns, building contexts around groups of events rather than analysing everything singularly. Using this model, the SICs can measure the effectiveness of defences, identify gaps and prioritise capabilities to deal with threats.
The SICs are also the enterprise focal point for collaboration with industry and government partners for threat discovery, attribution and response.
Indeed, Lockheed Martin invests over £13 million annually in cyber security research and development, including strong links with thought leaders and innovators in universities. Among them is Warwick University in the UK.
Lockheed Martin has also formed the Cyber Security Technology Alliance, comprising leading cyber companies, to align technology roadmaps and integrate investment strategies to focus on the most demanding challenges.
“We are looking to extend this Alliance into the UK to extend the applicability to the UK context,” says Lockheed Martin IS and GS Cyber Campaign Manager Steve Neville. “We are also committed to information sharing and in working across both US and UK government.
“Another possibility is to establish a joint venture or centre of excellence that incorporates the key elements of the UK cyber industry and Government expertise. Having learned through protecting our own system, we are in an informed position and are leading the way on a number of initiatives.”