Lockheed Martin has created five reference architectures for security “” reusable architectures that give “best-of-breed“ approaches to build cybersecurity solutions. “We've created a repository of artifacts, over 300 of them, that we share within the organization,“ says Lee Holcomb, director of the Center for Cyber Security Innovation at Lockheed Martin. “From a process standpoint, it benefits our individual programs, the 4,000 that we have, in their execution.“
Partnership for Public Service
Beyond the halls of Lockheed Martin, Holcomb is an active participant in the Partnership for Public Service. “We're trying to help the government do a better job [filling its cyber ranks],“ says Holcomb, citing the Department of Homeland Security's 1,000 cybersecurity vacancies. “I certainly would like to do what I can to help them be more effective in filling those positions,“ he says.
Part of that effort comes through cultivating future cyber leaders, first, at the university level. Holcomb and Lockheed colleagues are working with universities to add cyber curriculum. A little over a year ago, Lockheed Martin awarded 13 graduate assistantship scholarships to graduate students at Purdue University, Carnegie Mellon, and the University of Maryland. In all, the company has cyber research partnerships with nearly 10 universities, including UCLA and Drexel. University outreach efforts continue. “I had a discussion the other day with several universities about building cyber talent programs that they do not have today, and finding new sources of talent, if you will, that we don't currently have,“ says Holcomb.
NexGen Cyber Innovation and Technology Center
Last Fall, Lockheed Martin opened its NexGen Cyber Innovation and Technology Center, a critical focal point for its cybersecurity business. NexGen has since come to be known as a world-class center for accelerated development of IT systems and solutions, as well a platform for collaboration with customers and industry partners. Located in Gaithersburg, Md., the sprawling 25,000 square-foot facility includes 2,000 core processors in the cloud, as well as a “global cyber range“ that allows real-time experiments to be conducted in a fully networked environment.
Concurrent to NexGen's opening, the company announced the formation of a cybersecurity technology alliance with leading technology providers “” 14, in all, which include: APC by Schneider Electric, CA, Cisco, Dell, EMC Corporation and its RSA Division, HP, Intel, Juniper Networks, McAfee, Microsoft, NetApp, VMWare and Symantec. In addition to industry partnerships, Holcomb and his team have formed alliances with national labs, such as Oak Ridge and Sandia. The research alliance is accelerating solutions for government customers. “It allows us to integrate secure end-to-end solutions,“ says Holcomb. The alliance, he adds, has also allowed Lockheed to bring proactive solutions forward “” solutions that not only pick up signatures of known threats but also identify patterns that might indicate, and address, unknown threats.
That research backbone is leading to strong advancements. Recently, Lockheed Martin announced the launch of a new product, Ironclad“” a “PC on a stick,“ as it's been called, that allows storage of operating system, applications, and data on a secure USB flash drive.
Collaboration is underway with government partners, too “” most notably, through Lockheed Martin's Security Intelligence Center and the Defense Industrial Base. There, the company shares information with the Department of Defense on cyber attacks. The Security Intelligence Center's Computer Incident Response Team (CIRT) oversees an environment of about 175,000 managed endpoints, which, to adversaries, looks like an extension of a large government enterprise.
“We get about 4 million sensor events a day that we see,“ says Holcomb. The organization has built a model to identify and track long term, sophisticated attack campaigns. This model is being used by the Department of Defense as a framework to analyze attacks. “We feel proud that we changed the methodology that, in fact, government is using to analyze these attacks,“ says Holcomb.
Holcomb has his eye on other ambitious projects. “We're working on long-term research in difficult areas that have not heretofore been solved by industry,“ he says. These include developments in trusted hardware anchors; solutions related to “fighting through the attack“; and pattern recognition to determine when an attack might occur. “We are not relying on a single pattern recognition approach,“ says Holcomb, citing multiple projects such as Lockheed's advanced technology laboratory at Oak Ridge National Laboratory, as well as research being conducted at the company's security intelligence center related to three separate tools and methodologies. “We're taking the best of those and using them in a combined fashioned “” that's an important aspect that connects the next stage of cyber defense,“ says Holcomb.
So, too, are ongoing collaboration efforts among industry partners and government. “Cybersecurity is all about partnership and innovation,“ says Holcomb. “It takes a team approach to be successful.“
UP CLOSE: Lockheed Martin's Lee Holcomb
On fostering a “cyber aware“ workforce: “We're constantly promoting [information assurance] through employee communications channels “¦ it's a constant education process using our communications vehicles to engage our employees to be better about opening emails that are not familiar to them, and how to treat computer IT access,“ says Holcomb.
Favorite tech website: GovInfoSecurity
Hobbies: Holcomb is an avid tennis player.