By Geoff Fein
The president’s plan to begin an all-out effort to protect the nation’s critical network infrastructure from cyber attacks should result in significant opportunities for defense contractors, according to a Northrop Grumman [NOC] official.
“We see the emphasis that the Obama administration is going to put on cyber security as a great opportunity for us. The opportunity is not in what’s historically been looked at in the information assurance area where we have been focusing on what I call the lower end of the threat spectrum,” Daniel Allen, sector vice president and general manager of the Intelligence Systems Division (ISD), told Defense Daily yesterday.
Those lower end threats, according to Allen, are hackers who are more out for notoriety than looking to financially capitalize on their work. All the same, Allen sees that activity continuing to grow. “I believe there are activities ongoing and there will be more to take on that lower end of the threats.”
What Allen sees as the real opportunity for companies Like Northrop Grumman, is protecting the nation from the full spectrum of threats, which runs from hackers out to organized crime.
“But the real threat is the nation-state threat. The threat that I am not sure the public is fully aware of…to the extent we are vulnerable and what would be the implications of those type of attacks,” he said. “That’s where organizations like ours have a tremendous opportunity.”
One effort Northrop Grumman has been involved in as a member of the intelligence community (IC) is understanding the threat and building systems to help the nation understand what those threats are, Allen added.
“So the ability for the nation to make this a priority, to look across that spectrum and to build solutions that span that threat and the entire government all the way out to potentially the critical infrastructure, that’s where we see the opportunity,” he said.
Allen added the effort to defend the nation’s networks would also require raising the awareness of the risk.
“When you talk about the awareness, I think that’s a big part of what Obama in this 60-day study brought forward, the fact that they have to invest in the nation, raising the level of understanding in the nation, so that people really do understand the threat,” he said. “We truly do need to raise the awareness and that’s a positive piece of the 60-day study because they state that specifically as an objective.”
For its part, Northrop Grumman has the components of a strategy that particularly focuses on some of the more high-valued targets at the moment, Allen said.
“There are capabilities, solutions, procedures, and policies that can be put in place. And we see opportunity today, in fact we are developing next-generation capabilities that we can reduce the threat,” he said. “To really take a significant impact to that threat there is going to be a range of things that will extend all the way out to your desktop, which includes hardware as well as some of the software systems, and policies of how they are actually used, will be put in place.”
But Allen believes that is the longer-term goal. “Again, I think in the administration’s 60-day study, they focused a lot on those areas they need to invest in with the technology firms, with academia, that they can look at next-generation systems that have some of that security built in.”
“Today’s systems, or the vast majority of them, do not,” Allen added. “And where they are critical to our nation, those are areas we are focusing in [on]…and I think the comprehensive national cyber initiative is focused in on today.”
Northrop Grumman is actively involved with the IC in building and developing sensors to help the nation understand what is happening in the telecommunications world, all over the world, Allen said.
“As we look at the threats and the growth of the threats we are investing in building the next-generation of capabilities that will ultimately enable some of the things that are being talked about in the 60-day study, that’s where we see our opportunity in the short-term, in helping build a better knowledge and understanding of the threat…sensing the environment so that we know and understand what is going on, and create situational awareness capabilities so that our nation’s decision makers can ultimately take action. And this capability will continue to evolve and change over time as the threat spectrum gets addressed,” he said.
As defense contractors seek opportunities, will it lead to more partnerships, or companies going solo in trying to solve the problem? Allen believes these effort to secure networks will foster not only the public-private partnership that the president is hoping to foster, but partnerships within industry as well.
“There are already partnership with industry that are coming together, less to build competitive capabilities, but more to raise the awareness and look at how we might be able to take this problem on together,” Allen said.
For several years now, the deputy secretary of defense has pulled together all of the key tier one defense contractors on a regular basis to discuss the cyber threat and the issues in that space, Timothy McKnight, vice president and chief information security officer of the ISD, told Defense Daily yesterday.
“As a result of that initiative we established a Defense Security information Exchange which is between the companies where our computer security response teams deal with each other on a daily basis…providing information sharing around threats as they are happening,” McKnight said.
“We have also established the DIB NET (defense industrial base network), which is sharing [information] between the government and the defense industrial base,” he added. “A key tenant of any national strategy here…for it to be comprehensive it is going to have to have a very participative public-private partnership at a scale we have never really seen before. And we are really at the forefront of that in the defense industrial base. Here at Northrop Grumman we have been one of the key leaders in that space…the information sharing space.”