Cybersecurity Blog: The Cyber Scene is evolving, are you?

With increased public awareness of cyber attacks and corporate America’s growing concern over cybersecurity, board members are asking more informed, tougher questions of their security teams. Many teams still focus on reporting activity such as number of hits detected and tickets closed—information that does not accurately reflect the team’s success or help inform investments.

At a recent Gartner Summit, Rich Mahler, Director of Leidos Commercial Cyber Services (formerly Lockheed Martin), discusses why teams need to stop measuring effort and focus on what matters—wins against real threats. One way to do this is by framing metrics in the context of the Cyber Kill Chain®. The framework enables teams to accurately identify which of their existing tools are most effective at detecting and blocking threats and where there are gaps/weaknesses—information that informs cybersecurity investments.

Read more

It is my great pleasure today to confirm that the merger of Lockheed Martin IS&GS (Information Systems and Global Solutions) with Leidos has been completed. The merger between Leidos and Lockheed Martin’s ISGS world-class expertise, reputation and global reach with a diverse and balanced portfolio of IT and OT products and services.  This $10.8bn company now offers expanded cyber capabilities across our solution portfolio as well as increased access to top talent. 

Read more

Need to improve your company’s cybersecurity? A myriad of vendors and thought leaders are ready to sell their products or ideas to do just that. What you don’t usually hear is how some of these technologies or practices might not be as effective as you’re led to believe. Working in systems engineering, as well as having run red team and blue team assessments for some of the world’s largest companies, I’ve observed four common practices that contribute to sophisticated corporations being lulled into a false sense of cybersecurity.

Read more

Live security evaluations are essential to the good security health of an organization.  An evaluation performed by a skilled internal organization—or a qualified third party—allows an organization to objectively test its security measures and defensive capabilities. This not only helps evaluate the effectiveness of existing security controls which may require remediation, it also identifies blind spots that represent pockets of previously-unknown risks to the organization.

Read more

Jason Holcomb, Principal Security Consultant for Lockheed Martin Commercial Cyber Solutions, discusses the role intelligence and automation can play to simplify the information flow between management and supervisory control systems.

Read more


“You will never reach your destination if you stop and throw stones at every dog that barks.” – Sir Winston Churchill


This summer our team has been traveling the globe with our message of cyber enlightenment. Through real-world accounts of how we’ve helped some of the world’s most prominent companies mature their cybersecurity posture, our analysts have inspired hope and doled out practical steps both practitioners and leadership can take to shore up their networks.

Read more

Find out how one analyst used social media to collect enough intel in five hours to breach a Fortune 500 company.

What is open-source intelligence (OSINT)? Quite simply, its intelligence collected from publically available information such as Facebook, LinkedIn and even the dark web. Are you using information available from these sources? Adversaries are!

Read more

A recent Ponemon Institute survey, Intelligence Driven Cyber Defense, sponsored by Lockheed Martin, surveyed security and risk professionals regarding their organization's cybersecurity programs and methodologies. The express purpose of the survey was to collect feedback about resource allocation and implementation in organizations that are proactively addressing the need to reduce risks posed by cyber adversaries such as hackers and cyber criminals. The survey aimed to answer the question: are organizations embracing new approaches, like an intelligence-driven cyber defense strategy, to protect themselves as cyber attacks become more recurrent and severe? The key findings of the survey can be arranged into three specific themes including challenges addressing cybersecurity risks, cybersecurity strategies missing the mark and achieving an intelligence driven cyber defense.

Read more

Given the wave of high profile cyberattacks in the news, one might think data breaches happen no other way. Unfortunately, having sensitive company information fall into the wrong hands does not require breaking through a firewall. Many of your employees, who have greater access to sensitive data than ever before, are at risk of unknowingly leaking information.

Read more

“You can’t buy the Cyber Kill Chain®, but you can buy into it.” – Justin Lachesky

In a recent webcast, Justin Lachesky, Lead Analyst & Manager, Security Intelligence at Lockheed Martin, and Jon Heimerl, Senior Security Strategist at Solutionary, discussed tactical and strategic approaches of using the Cyber Kill Chain® to effectively respond to cyber-threats.

After reviewing key findings from the NTT Group’s 2016 Global Threat Intelligence Report, Heimerl introduced an incident response case study (minute 10:18 of the recording below) in which the team effectively leveraged the Cyber Kill Chain® analytic framework to better understand each phase of the attack and gain a comprehensive picture of the adversary’s tactics, techniques and procedures. The mid-size financial client, code named Peaceful Panda Financial Corporation (PPFC), did not know they were breached until day 65 of the attack.

Lachesky jumps in at minute 13:10 of the recording to walk us through the seven successful steps the adversary took before posting sensitive PPFC data to a PasteBin site.

Read more