Cybersecurity Blog: The Cyber Scene is evolving, are you?

“You can’t buy the Cyber Kill Chain®, but you can buy into it.” – Justin Lachesky

In a recent webcast, Justin Lachesky, Lead Analyst & Manager, Security Intelligence at Lockheed Martin, and Jon Heimerl, Senior Security Strategist at Solutionary, discussed tactical and strategic approaches to using the Cyber Kill Chain® to respond effectively to cyber-threats.

After reviewing key findings from the NTT Group’s 2016 Global Threat Intelligence Report, Heimerl introduced an incident response case study (minute 10:18 of the recording below) in which the team effectively leveraged the Cyber Kill Chain® analytic framework to better understand each phase of the attack and gain a comprehensive picture of the adversary’s tactics, techniques and procedures. The mid-size financial client, code named Peaceful Panda Financial Corporation (PPFC), did not know they were breached until day 65 of the attack.

Lachesky jumps in at minute 13:10 of the recording to walk us through the seven successful steps the adversary took before posting sensitive PPFC data to a PasteBin site.

Read more

Lockheed Martin and Interset Present at This Year’s Gartner Summit

With all of a company’s sensitive information stored electronically and employees having greater access to that information than ever before, the opportunity to do harm—maliciously or unintentionally—is a reality that can no longer be ignored.

Case in point. Last year, a former network engineer, after learning he would soon be terminated, shut down his organization’s network servers and deleted critical data. His actions prevented the company from fully communicating for 30 days and limited its access to data and applications—an attack that cost the company more than $1 million.

Companies Need a Different Approach to Stop Insider Attacks

More than two thousand risk and security leaders came to the 2016 Gartner Security & Risk Management Summit this year to discuss their biggest security challenges. The topic of insider threat detection emerged as a continuing challenge for security leaders.

Read more

The recipe for success = employee behavioral data + user behavior analytics

Insider incidents are on the rise. In fact, a recent Ponemon Institute survey indicated that malicious insiders pose the greatest cyber risk to organizations today. No wonder trade secrets and IP theft are projected to double by 2017, approaching half a trillion dollars annually. But what can security leaders do to successfully address a problem of this scale and protect their organization?


“If you’re making money today – you’re a target.”

– Kevin Shewbridge, Intelligence Analyst, Lockheed Martin

Read more

One example of how a tailored solution for a client engagement delivered benefits.

When our cybersecurity professionals engage with clients, there are many diverse tools and processes we may utilize to effectively and efficiently manage the particular project. However, there are times when each project manager must customize a solution for a particular project to develop an innovative result.

Clients often have a unique environment or a new condition requiring a specific solution. One recent example is a project I managed for a large chemical company that required significant upfront planning. In my experience managing IT development projects, I sometimes use mind maps to successfully manage projects. This brought a thought to my mind: can mind maps be used to manage your cybersecurity projects?

Read more

Breaches disclosed in the media foster conversations within organizations on how to protect critical assets and enterprise infrastructure. Loss of intellectual property, financial data and customer confidence has produced tangible evidence of an evolving threat landscape that, in turn, has elevated the conversation to the board room.

This cyber awakening has many organizations evaluating current security measures including tools and technology – and the options available in the market are endless!    

On May 11, 2016, I joined Greg Masters of SC Magazine for an evaluation of new cyber technologies in the marketplace. In my role as Chief Technologist for Lockheed Martin’s commercial cyber business, I’m focused on evaluating the latest trends in the market in order to advance our own defense strategies. 

In the following on-demand webcast, I analyze a variety of cyber technologies that can enhance your defenses including: Threat Intelligence Platforms, Security Operations (SecOps) Tools, Endpoint Detection and Response as well as User Behavior Analytics. 

Read more

External threats garner most of our attention and, consequently, the majority of our security resources, but industry analysis demonstrates that cyber-crime incidents perpetrated by insider threat actors are trending up and to the right.

On May 4, 2016, my colleague, Kevin Shewbridge, and I were joined by Forrester Research Senior Analyst and guest speaker Joseph Blankenship for a discussion about the very real threat that malicious insiders pose to organizations around the globe.

Read more

Most security vendors these days, including Lockheed Martin, are touting new capabilities for automatically detecting advanced threats through the use of data analytics and automation. In business, “automation” is often synonymous with downsizing. In this case, however, we would argue the implementation of automation tools is not about downsizing staff but rather about empowering cyber analysts to do more good work. However, while automating some of the more mundane and menial tasks of an analyst may free up cycles, it is not a cure-all solution that eliminates the need for human intelligence.

Read more

How to assemble a team with the skills and qualities needed to outpace today’s evolving threat landscape

We are defenders. It’s in our DNA. While defending cyber interests globally we’ve developed a skilled team, advanced capabilities and a proven framework to proactively protect what matters most. Our solutions promote a mature cybersecurity posture.

Read more

Lockheed Martin Cyber Kill Chain® Prominent Component of NTT Group’s 2016 Global Threat Intelligence Report

This year’s Global Threat Intelligence Report (GTIR) provides organizations the data needed to disrupt attacks. Solutionary, an NTT Group company, partnered with Lockheed Martin on their 5th annual GTIR. 2016 is the first year the report included partners with the goal of an expanded view of the threat landscape, and more analysis of attacks, threats and trends from last year. The 2016 GTIR includes information from 24 security operations centers, seven R&D centers, 3.5 trillion logs, 6.2 billion attacks, and 8,000 security clients across 6 continents.

The report uses last year’s attack information and the Lockheed Martin Cyber Kill Chain to highlight practical application of the Cyber Kill Chain and explain a comprehensive strategy to enable effective security across the entire organization.

Read more

Misspelled word thwarts cyber-heist but not before $81 million is syphoned from Bangladesh Central Bank

This past February, hackers were able to steal $81 million from the systems of the Bangladesh Central Bank. Funds were moved from its account at the Federal Reserve Bank of New York to private accounts in the Philippines via wire transfers using the SWIFT payment network. Although this registered as one of the largest cyber heists in history, the damage could have been upwards of $1 billion if not for the attacker’s misspelled word in one of the fraudulent requests. The mistake tipped off an employee at Deutsche Bank and ultimately saved millions of dollars.

Read more