Modern field guide to security and privacy

What does it mean to take a full-spectrum approach to cybersecurity?

How a full-spectrum approach including defensive cyber, active defense and cyber resiliency keeps America ahead of digital threats.

Northrop Grumman

Cybersecurity’s biggest challenge today is straightforward to describe and extremely hard to fix: you can’t see the threat before it hits you. Cyber defenders have little to no warning that an intruder is lurking just beyond their borders.  

That’s why we see cyber technology as more than just the passive understanding of protecting our systems. Taking a position of active defense means looking not at just protecting the network, but the protection of the network and the constant monitoring of the network to identify threats. When we talk about full-spectrum cyber, we’re talking about taking it even one step further. Not only are you protecting your environment, you’re monitoring that environment and now when you identify or find an indication that a threat is coming, you can defeat that threat preemptively.

Taking a full-spectrum operations approach is about a very deliberate effort to defeat the threat before the threat comes into the system. We do that in some cases by understanding the attacker’s vulnerabilities and issuing our own cyber initiatives that exploit those vulnerabilities.

Simultaneously, we are investing in advanced forms of defense, what we call cyber resiliency. Cyber resiliency looks to not only protect the environment from the outside, that end point of the information sphere, but also how to understand what malicious actors are already inside the network, identifying that threat and then protecting and healing the network as that threat is being removed from the system. Finally, rounding out this picture of understanding where threats are coming from involves looking at cybersecurity from a global standpoint. There’s a greater requirement and a need for us to communicate with our allies because the threat does not focus just on one entity or one country.

Into this world of rapidly-evolving threats, increasingly complex technology and global connectivity, we continually ask ourselves, “How do we stay ahead of that threat? How do we create proactive capability and technologies that are integrated enough so that our customers not only start secure, but return secure from their missions?”

To that end, we’ve established the Advanced Cyber Technology Center (ACTC), a nexus for our advanced cybersecurity work with four locations on three continents. The goal of the ACTC is to understand how we need to continue to innovate in cyber technology.

That process of innovation includes a commitment to partnership with our customers. What we want to understand is what keeps them up at night. What are the challenges that they face? And then how can we take that challenge and bring that into our research and development so that we provide solutions and technical capability that allows them to defeat that threat not just for today, but for tomorrow. How do our customers stay secure? How do they stay strong?

To answer those questions, Northrop Grumman takes an interdisciplinary and multinational approach. We’re bringing some of the best of the best across Northrop Grumman into the ACTC, including top-flight talent in software, hardware and network infrastructure. What you’ll find in the ACTC is that it’s not just one thought or one thread or even one technical solution. We really are looking at the cyber threat from the entire paradigm, whether it’s defensive cyber, active defense or cyber resiliency. We’re looking at how do we bring together all the capability that we’ve done this far and then take it even further. It is our ability to not only understand the threat that exists today, but anticipate the threat that’s coming tomorrow and provide those solutions that we can give back to our customers to help them prepare.

And just as it integrates the views of experts across different modes of cybersecurity, so too does it look at the cybersecurity picture globally. We must understand and identify threats that our allies are seeing so that together, we can figure out how to defeat that threat. If our allies are able to share what we’re seeing with us and vice versa, it allows us to combine our technology and intelligence to avoid harm. To that end, we were very deliberate in creating a global presence for the ACTC -- in addition to our two US locations, we also have centers in the United Kingdom and Australia. In this way, we take the common threats that we’ve seen every day in the United States, apply that technology and bring that technology to some of our closest allies.

Whether in the ACTC or beyond, one of the great joys about what we do is working very closely with our partners in the intelligence and communications communities on their tough challenges, because solving these challenges save lives. That’s an awesome responsibility: to be able to take that tough challenge that our customers face, apply our innovative solutions and give them the technical capabilities to be able to do their mission and then return home to their families.

Shawn Purvis is sector vice president and general manager for the Cyber division of Northrop Grumman’s Information Systems. The division is responsible for delivering cyber and security solutions to intelligence, defense, federal, state and international customers.

You've read  of  free articles. Subscribe to continue.

Dear Reader,

About a year ago, I happened upon this statement about the Monitor in the Harvard Business Review – under the charming heading of “do things that don’t interest you”:

“Many things that end up” being meaningful, writes social scientist Joseph Grenny, “have come from conference workshops, articles, or online videos that began as a chore and ended with an insight. My work in Kenya, for example, was heavily influenced by a Christian Science Monitor article I had forced myself to read 10 years earlier. Sometimes, we call things ‘boring’ simply because they lie outside the box we are currently in.”

If you were to come up with a punchline to a joke about the Monitor, that would probably be it. We’re seen as being global, fair, insightful, and perhaps a bit too earnest. We’re the bran muffin of journalism.

But you know what? We change lives. And I’m going to argue that we change lives precisely because we force open that too-small box that most human beings think they live in.

The Monitor is a peculiar little publication that’s hard for the world to figure out. We’re run by a church, but we’re not only for church members and we’re not about converting people. We’re known as being fair even as the world becomes as polarized as at any time since the newspaper’s founding in 1908.

We have a mission beyond circulation, we want to bridge divides. We’re about kicking down the door of thought everywhere and saying, “You are bigger and more capable than you realize. And we can prove it.”

If you’re looking for bran muffin journalism, you can subscribe to the Monitor for $15. You’ll get the Monitor Weekly magazine, the Monitor Daily email, and unlimited access to CSMonitor.com.