Cybersecurity’s biggest challenge today is straightforward to describe and extremely hard to fix: you can’t see the threat before it hits you. Cyber defenders have little to no warning that an intruder is lurking just beyond their borders.
That’s why we see cyber technology as more than just the passive understanding of protecting our systems. Taking a position of active defense means looking not at just protecting the network, but the protection of the network and the constant monitoring of the network to identify threats. When we talk about full-spectrum cyber, we’re talking about taking it even one step further. Not only are you protecting your environment, you’re monitoring that environment and now when you identify or find an indication that a threat is coming, you can defeat that threat preemptively.
Taking a full-spectrum operations approach is about a very deliberate effort to defeat the threat before the threat comes into the system. We do that in some cases by understanding the attacker’s vulnerabilities and issuing our own cyber initiatives that exploit those vulnerabilities.
Simultaneously, we are investing in advanced forms of defense, what we call cyber resiliency. Cyber resiliency looks to not only protect the environment from the outside, that end point of the information sphere, but also how to understand what malicious actors are already inside the network, identifying that threat and then protecting and healing the network as that threat is being removed from the system. Finally, rounding out this picture of understanding where threats are coming from involves looking at cybersecurity from a global standpoint. There’s a greater requirement and a need for us to communicate with our allies because the threat does not focus just on one entity or one country.
Into this world of rapidly-evolving threats, increasingly complex technology and global connectivity, we continually ask ourselves, “How do we stay ahead of that threat? How do we create proactive capability and technologies that are integrated enough so that our customers not only start secure, but return secure from their missions?”
To that end, we’ve established the Advanced Cyber Technology Center (ACTC), a nexus for our advanced cybersecurity work with four locations on three continents. The goal of the ACTC is to understand how we need to continue to innovate in cyber technology.
That process of innovation includes a commitment to partnership with our customers. What we want to understand is what keeps them up at night. What are the challenges that they face? And then how can we take that challenge and bring that into our research and development so that we provide solutions and technical capability that allows them to defeat that threat not just for today, but for tomorrow. How do our customers stay secure? How do they stay strong?
To answer those questions, Northrop Grumman takes an interdisciplinary and multinational approach. We’re bringing some of the best of the best across Northrop Grumman into the ACTC, including top-flight talent in software, hardware and network infrastructure. What you’ll find in the ACTC is that it’s not just one thought or one thread or even one technical solution. We really are looking at the cyber threat from the entire paradigm, whether it’s defensive cyber, active defense or cyber resiliency. We’re looking at how do we bring together all the capability that we’ve done this far and then take it even further. It is our ability to not only understand the threat that exists today, but anticipate the threat that’s coming tomorrow and provide those solutions that we can give back to our customers to help them prepare.
And just as it integrates the views of experts across different modes of cybersecurity, so too does it look at the cybersecurity picture globally. We must understand and identify threats that our allies are seeing so that together, we can figure out how to defeat that threat. If our allies are able to share what we’re seeing with us and vice versa, it allows us to combine our technology and intelligence to avoid harm. To that end, we were very deliberate in creating a global presence for the ACTC -- in addition to our two US locations, we also have centers in the United Kingdom and Australia. In this way, we take the common threats that we’ve seen every day in the United States, apply that technology and bring that technology to some of our closest allies.
Whether in the ACTC or beyond, one of the great joys about what we do is working very closely with our partners in the intelligence and communications communities on their tough challenges, because solving these challenges save lives. That’s an awesome responsibility: to be able to take that tough challenge that our customers face, apply our innovative solutions and give them the technical capabilities to be able to do their mission and then return home to their families.
Shawn Purvis is sector vice president and general manager for the Cyber division of Northrop Grumman’s Information Systems. The division is responsible for delivering cyber and security solutions to intelligence, defense, federal, state and international customers.