Steve Hawkins currently serves as vice president of Information Security Solutions at Raytheon, a position he took after spending his career at the company covering areas ranging from airborne radar systems and signals intelligence to commercial imagery and his current field of cybersecurity. Here, he talks about challenges in the cyber realm, the dangers of Advanced Persistent Threats, and some of the innovations Raytheon is working on to secure systems and networks.
The New New Internet: Tell me a bit about your background and how you got your career started.
Steve Hawkins: I have an engineering background. I have both a bachelor's and master's in electrical engineering, and an MBA in engineering management. I have been in engineering management and then in general management positions with Raytheon. I've actually been part of about three different companies that are all part of Raytheon now, as it went through the mergers and consolidations of the “˜90s. I've been with Raytheon essentially my entire career. I came in originally working on airborne radar systems. It's important that you've been around and have different experiences. I've worked airborne radar, which is a key area for the company. I then worked aviation and weather systems, which is another important area for our own Intelligence and Information Systems business. Then I moved into the signals intelligence area. I was involved for many years in major large-scale, signals intelligence processing systems. I also worked on high-resolution imagery intelligence systems. At one time, I ran our commercial imagery interests, the ground systems for imagery systems. I also ran our tactical business group, and got involved with tactical communications. All of this was prior to getting involved with the Information Security Solutions business. One of the most interesting perspectives is that a common thread through all those systems is that Raytheon has been doing multiple levels of security for more than 30 years. One common thread has been how to put security into those kinds of products and systems. One of our important strategies is embedding our cyber offerings into all Raytheon products. I've really had experiences across three businesses products and a variety of different technologies.
TNNI: What are some of the challenges you've met in your current role?
Hawkins: In the current role, there are certainly the technical challenges with a rapidly escalating threat. The threat is adapting so quickly that you have to develop technologies and business practices that can change or tweak your solution to the latest threat. Ten or 15 years ago, you could take two, three or five years to design and field a system. You can't do that anymore. You may be delivering upgrades monthly or maybe even every 30 minutes. So it really is the pace that the cyber technology is moving, the pace the threat is moving and creating business models and technology models for rapid insertion. That's the biggest change I think we've seen in the past two to three years. It is amplified in the cyber area, because the threat is very dynamic and very fast. The cyber threat often needs to be addressed in a matter of milliseconds or less.
TNNI: What do you see as the most dangerous threat? Do you see it as a technical threat or more a social engineering approach?
Hawkins: One of the most important threats is social engineering as a means of getting individuals within any enterprise to either click on an attachment or a website that would bring malware or the Advanced Persistent Threat into your enterprise. I would say the one other thing that bothers me is non-threat based: There has been so much discussion on cyber that there is a little bit of cyber fatigue across the country. That is causing a level of complacency that I think has our country and the world interest saying, “Could it really be that bad?“ I believe it is, and I believe that complacency is dangerous.
TNNI: Which technology from your recent Cyber Demo Day are you most excited about?
Hawkins: We did show a number of innovative technologies that at our recent Cyber Demo Day. One of them, dynamic defense, is really an approach to tie all the technologies together. I don't believe that there is any one solution that solves the cyber challenge. It is a layered-defense approach: whether you are looking at intrusion detection of malware, or prevention on the front-end, trying to stop new zero-day threats or the insider threat, or just being able to tie together the social aspects of the attack. I really believe it is all those items of detection and being able to take action against them rapidly. That's the real challenge, the real breakthrough, versus any one individual technology. I think in the long run, without the collection technologies and the layered defense, they won't be effective.
TNNI: What are some of the other products within the cyber arena that Raytheon is working on?
Hawkins: We have another innovative product that looks for malware on attachments or websites. Prior to having that technology malware could penetrate your enterprise and be resident on disks and in storage anywhere in your enterprise. Not only do you have to try to prevent new malware coming in, you have to be able to basically hunt down and kill the malware on data at rest. So our next range of products are complimentary to protection on the front-end and they will literally go back and look throughout your enterprise for where there may have been malware five to 10 years ago that is stored somewhere and eradicate it from your system.
TNNI: What areas in the near future will have the most growth and why?
Hawkins: I think you'll see general overall growth. You'll see a little bit of a change in approach on the very front-end, the anti-virus programs that are the most basic method used today to detect malware that's been seen before. I think the market will go to technologies like we're offering that are not signature-based, but behavior-based. I also think you'll see the architectures change from those being done on the desktop or at the gateway and will actually move out to software as a service or in the cloud architecture. That's where the trend is going. The economics is to use cloud computing or some other form of shared resources to lower your IT costs. Therefore, the security products and capabilities have to follow that path so you still remain the most efficient as well as secure.
TNNI: Do you think with the transition into cloud computing there will be additional security issues?
Hawkins: There will be additional security issues in that they will be somewhat different. I think a lot of the core technology can be repackaged and extended to address that. I do think this is probably a four- or five-year horizon. I think most people today are putting fairly low-risk data out into the cloud and as they want to move more and more data of value, they will wait for the maturity of these products. It really is quite a trend change from desktop to cloud, and it will take a few years to get there.
TNNI: What's the best career advice you've received?
Hawkins: The best advice came from one of my bosses, who was a vice president at the company, and I was at about a director level, reporting to him. We were talking about two or three different positions I could take. He said, “You know, I interviewed for a vice president's position and I didn't get it.“ He said he was devastated when he didn't get the job. Three months later, he got another opportunity, another vice president's position that was twice the responsibility. So the moral of his story was that things change rapidly in this business, so don't overreact by anything that comes your way on a particular day. Set your objectives for the long run and don't be too tight on the timeline you need to achieve them. Just keep heading in that direction and you'll be fine.
TNNI: Anything you'd like to add?
Hawkins: One of things I'd like to point out is that Raytheon and the individuals working here are very bright and are working not only to protect against the cyber threat, but also are able to address it very, very rapidly. I talked a lot in our Cyber Demo Day about speed. It's the speed to detect and the speed to respond and the ability to anticipate and respond before it happens that are the keys to the future. I believe we are a leader in this area.