Defense stalwarts building cybersecurity CSI

Northrop Grumman joins other defense giants such as Lockheed, Boeing and Raytheon in bulking up cybersecurity technology and services

Northrop's cyber center
Northrop Grumman has become the latest defense contractor to go whole hog into cyber threat monitoring and detection. The defense giant said it has opened cyber threat detection and response center staffed around-the-clock, providing security monitoring for more than 105,000 clients and 10,000 servers worldwide.

The company joins other defense giants such as Lockheed, Boeing and  Raytheon to create their own cybersecurity technology and services.  Such companies have been hiring network security staff or buying up smaller security firms to augment their own credentials.

"Everybody smells money here," Stephen Kent, chief scientist at BBN Communications, told Network World in a recent article. "The size of the business could be enormous."

Indeed, a recent Market Research Media report showed government cybersecurity spending growing at 6.2% per year to a total of $55 billion over the next six years. Other published estimates put that spending at $11 billion to $13 billion in 2013 alone.

At Northrop, the company's Cyber Security Operations Center is a  6,300 square foot facility equipped with a large classified conference facility and secure connectivity to numerous customer networks. The heart of the CSOC is the security operations center floor, where analysts use customized tools to monitor and process more than 1.5 billion daily cyber events that occur on the Northrop Grumman network, the company stated.

"Advanced technology is key to defending any network, but it is the experience and curiosity of our analysts that allow us to proactively identify cybersecurity vulnerabilities," said Tim McKnight, vice president and chief information security officer of Northrop Grumman Information Systems in a statement. "They keep our network resilient and secure by constantly trying to make connections, determine if events are random or not. It's like a cyber 'CSI'."

At the CSOC, incident handlers respond to suspected security incidents; computer forensic examiners collect and analyze evidence from digital media; a technical team develops and deploys solutions and systems used within the CSOC; intelligence operators analyze and report on internal and external threats; and computer network defense experts design and develop security capabilities that can identify advanced threats.

Indeed many defense contractors that have worked on classified security projects before are familiar with the unique threats that states pose to the US government that differ from the kinds of threats that corporations generally face. These contractors have expertise that is a natural fit for protecting the government networks most likely to be targeted, such as those in military and intelligence agencies, Kent says.

Layer 8 in a box

Check out these other hot stories:

BBN grabs cash, turns up heat on language translation technology

Virgin Galactic takes Abu Dhabi oil money and flies

U.S. Air Force foretells drone that can make attack decisions on its own

Military spends $155M for the nucleus of future wireless networks

Navy spends $33 million for hybrid of the high seas

Shiny new Space Fence to monitor orbiting junk, satellites

DARPA wants super-power lasers for imaging, sensing, targeting

Military wants programmable bombs that can blow up only particular things

Inside the Top 10 hot aerospace technologies

Six high-tech "less-lethal" weapons that could ruin your day

Inside the bad-ass world of military research projects

Join the Network World communities on Facebook and LinkedIn to comment on topics that are top of mind.

Copyright © 2009 IDG Communications, Inc.

SD-WAN buyers guide: Key questions to ask vendors (and yourself)