New Model Standardizes Measurement of Cybersecurity in Critical DoD Assets

The Cyber Resiliency Level™ (CRL®) model is a risk-based, mission-focused and cost-conscious framework used to measure the cyber resiliency maturity of a weapon, mission or training system

PR Newswire

ARLINGTON, Va., Aug. 13, 2019 /PRNewswire/ — Cyber experts from Lockheed Martin [NYSE: LMT] developed and piloted a first-of-its-kind model that standardizes how to measure the cyber resiliency maturity of a weapon, mission, and/or training system anywhere in its lifecycle – the Cyber Resiliency Level™ model (CRL®).

The Cyber Resiliency Level™ model provides a structured set of methodologies and processes to help measure risk across six categories. Each category is defined across four levels of increasing maturity and have been noted by the Department of Defense as top concerns. Credit: Lockheed Martin.

The U.S. government defines “cyber resiliency” as the ability to anticipate, withstand, recover from, and adapt to changing conditions in order to maintain the functions necessary for mission effective capability. Until now, the aerospace and defense industry lacked a simple, common method to discuss cyber resiliency of a military system. 

“Today’s software-based military systems and a global supply chain make securing military systems a complex problem to solve,” said Jim Keffer, director of Cyber, Lockheed Martin Government Affairs. “With the CRL, we can now leverage existing risk management frameworks to effectively measure and communicate resiliency across six categories we know are important to our customers. The release of this model builds on Lockheed Martin’s enduring commitment to mission assurance and will ultimately help the warfighter operate in cyber-contested environments.”

To use the model, engineers work with U.S. and allied military program stakeholders to conduct a series of risk and engineering assessments. The process provides increased visibility into the current state of risk and produces a customized, risk-mitigation roadmap that shows how to increase a system’s CRL to a more desirable level.

This figure shows the evolution of CRL maturity. Credit: Lockheed Martin.

“In an era of scarce resources, the CRL model can help stakeholders make informed decisions and prioritize cyber spending on the most impactful solutions,” said Keffer.

To date, Lockheed Martin has used model-based assessments on several of its own systems across multiple domains and plans to conduct at least 10 CRL assessments by the end of 2019.

To learn more about CRL and how to apply it to your systems, visit: http://lockheedmartin.com/en-us/capabilities/cyber/crl.html  

About Lockheed Martin
Headquartered in Bethesda, Maryland, Lockheed Martin is a global security and aerospace company that employs approximately 105,000 people worldwide and is principally engaged in the research, design, development, manufacture, integration and sustainment of advanced technology systems, products and services.

Lockheed Martin Logo.  (PRNewsFoto/Lockheed Martin)

Cision View original content to download multimedia:http://www.prnewswire.com/news-releases/new-model-standardizes-measurement-of-cybersecurity-in-critical-dod-assets-300900208.html

SOURCE Lockheed Martin