IN THE BOARDROOM™ with...
General Dynamics C4 Systems develops and integrates communication and information systems and technology for a myriad of U.S. government programs, allied nations and select commercial customers globally. As a prime provider of network-centric products and systems, we seamlessly and securely connect users from the network core to the tactical edge with the information they need to decide and act. Our world-class capabilities create high-value, low risk solutions for use on land, at sea, in the air and in space. Based in Scottsdale, Arizona, General Dynamics C4 Systems employs over 10,000 employees worldwide and specializes in command and control, communications networking, computing and information assurance. For
more information:
http://www.gdc4s.com/documents/5-14-09-GDC4S-prf1.pdf
SecuritySolutionsWatch.com: Thank you for joining us today,
Chris. Please give us an overview of your background and your role at
General Dynamics.
Chris Daly: I received my first exposure to information
security as a systems analyst in a government computer security lab in
1990. At that time we were just beginning to secure Internet-facing web
servers, performing risk analyses of government locations worldwide and
testing high assurance operating systems for use in secure areas. I later
served as a security consultant to a variety of financial institutions,
transportation and manufacturing companies and government agencies as
they worked to link up their legacy systems to the Internet. I also did
a stint as a regional director for a business continuity consulting practice
before returning to the federal government market where I held different
leadership positions in the security field.
I work for General Dynamics C4 Systems now, which is a business unit of General Dynamics. In my role as Director of Business Development for Cybersecurity, I contribute thought leadership in the formation of various General Dynamics security offerings such as cybersecurity, cloud security,
technologies and mobile security. I also work on opportunity formation,
partner ecosystem development and technical standards bodies. For example,
I am currently a co-chair of the
Trusted Computing Group's newly formed Trusted Mobility Solutions
Work Group.
SecuritySolutionsWatch.com: We read with great interest
in your capabilities brochure (http://www.gdc4s.com/documents/GDC4S_Capabilities_Brochure_2011-06-20.pdf) that "General Dynamics C4 Systems enables secure communication
and information flow from the network, to the desktop, to the individual.
We ensure secure access and integrity of stored and processed information.
It's what you'd expect from a company that has been protecting all levels
of information including Type 1, both domestically and abroad, for more
than 40 years." Please give us an overview of the solutions General
Dynamics brings to market.
Chris Daly: General Dynamics provides the personnel and electronic systems for Defense and for civilian government organizations domestically and abroad. These systems actively defend government networks against external attacks and internal threats. We offer a broad portfolio of secure communications and computing solutions that range from satellite communications and ground systems supporting NASA to command and control systems for the battlefield. Our offerings span the gamut of custom built, assurance products for secure voice and data, such as our TACLANE® In-line Network Encryptors and Sectéra® vIPer Universal Secure Phones; to trusted cross-domain and multi-domain systems, such as our Trusted Network Environment and our Trusted Embedded Environment; to Security Management solutions. In addition, many of the solutions we offer are based on a new strategy called "COTS+." Let me provide some specific examples of what is meant by COTS+.
In the area of RF networking, General Dynamics C4 Systems is leading the Joint Tactical Radio System (JTRS) Handheld, Manpack and Small Form Fit (HMS) Team to bring secure networked voice, video and data communications to dismounted soldiers as well as vehicles and UAVs. JTRS HMS radios are built on cutting-edge Software Defined Radio (SDR) and information assurance technologies in smaller, lighter and more power efficient devices, enabling safer and more effective battlefield prosecution.
In the area of rugged, mobile computing, General Dynamics Itronix has a full range of mobile-rugged and commercial computing solutions including rugged notebooks, ultra-mobile PCs, tablets and handhelds. We offer wireless integration, DynaVue® display technology for improved outdoor-viewability and a myriad of client services. Our Tadpole® product line consists of ultra-thin clients, mobile workstations and desktop/rackmount servers. These differentiated solutions give users the flexibility to compute in secure, mobile environments.
In the area of security management infrastructure, we continue to build and deploy leading edge solutions based on a combination of COTS tools and custom capabilities for key and identity management, device integrity and software assurance. For example, we are currently leading efforts related to the establishment of platform certificates to enable trustworthy identification of endpoints - either physical or virtual machines.
These examples just scratch the surface of our COTS+ solutions, products
and services. I invite your audience to find out more by visiting
www.GDC4S.com
and checking out our full suite of capabilities.
SecuritySolutionsWatch.com: Are there any "new" solutions you would like to talk about?
Chris Daly: Through recent acquisitions, we are accelerating our ability to deliver a wider array of competitively-priced products based on commercial offerings for government agencies needing COTS+ secure tools.
New to the General Dynamics family, the General Dynamics C4 Systems Fortress Technologies product line delivers a high performance portfolio of COTS wireless and secure communications capabilities, based on industry-proven technology. The products and technologies are enhanced with industry-standard encryption that conforms to commercial and government security standards. Such security features enable users to meet stringent environmental standards for tactical wireless communications in austere environments for global defense, critical infrastructure and use across the enterprise.
Leveraging a self-forming, self-healing, path-optimizing mesh architecture, the General Dynamics Fortress advanced wireless network solution is optimized for rugged-outdoor, mobile, military, first responder and critical infrastructure environments, where reliable communications are a must. Today, General Dynamics Fortress infrastructure is the backbone of the DOD's largest wireless networks deployed around the globe.
Newly-released under the General Dynamics C4 Systems Fortress Technologies product line is the DS310 commercial off-the-shelf 'Suite B' encryptor for secret communication between wired or wireless devices and networks. Suite B enables a simpler process for connecting to classified networks while maintaining security. Delivered in a driverless PC card and supporting multiple layers of encryption, the DS310 meets stringent security guidelines, including those of the National Security Agency (NSA).
General Dynamics also acquired Argus Systems, offering a suite of trusted Linux and Solaris-based operating systems and utilities based on the PitBull Foundation product. PitBull Foundation is a feature-rich, mature, multilevel security (MLS) software product that enhances and extends the security of Linux and Solaris operating systems and the X Window system. PitBull Foundation for RHEL 6.0, announced earlier this year, is based on advanced trusted technology from General Dynamics and can replace or supersede SELinux functionality and mechanisms. PitBull Foundation is significantly simpler to set up, configure, and maintain than SELinux and gives higher performance than SELinux.
In use by leading financial institutions to secure their Internet-facing trading and consumer applications, PitBull Foundation is compatible with existing applications and provides significant security to both the system and to applications.
SecuritySolutionsWatch.com: We had the pleasure of watching
the General Dynamics Impact Video (http://www.gdc4s.com/video/GDC4S_2009_Impact_Video1.wmv).
Please share with us your perspectives on the latest trends and best practices
in achieving secure mobile communications.
Chris Daly: Securing mobile communications and mobile computing platforms are the hottest security topics today - and for good reasons. We are already seeing a steep rise in the number and diversity of malware that target mobile platforms such as spyphone apps, rootkits and man-in-the-middle proxies. This rise in malware is accompanied by an increase in remote work or telework that puts more endpoints outside of the enterprise perimeter and at greater risk for security incidents. Mobile platforms may also introduce new types of information to risk of loss or privacy breach – data like your physical location, photos, contacts lists, texts, and call logs. With eWallets and mobile money applications, you also can put financial data at risk in new ways. Another emerging trend is the concept of "bring your own device" (BYOD) to work. This concept of mixing enterprise and personal usage of mobile devices will likely keep security professionals awake at night for some time to come. Among General Dynamics' top business priorities is helping customers understand the adversary and identify and repair vulnerabilities before they can be exploited.
Mobile computing has also introduced new ways to work and communicate. For example, app stores provide an amazing array of new capabilities for use on-the-fly. Other new computing and communications methods include context-aware mobile computing, self-forming mobile area networks (MANETs), Near Field Communications (NFC), adoption of WiMAX and mobile money. From a security perspective, all of these new capabilities require refinements of trust systems, protection mechanisms, and security protocols.
The good news is that mobile device management and security providers
are working hard to fill the gaps; however, exploit mitigation strategies
still lag in the mobile space. For example, patching discovered vulnerabilities
for mobile devices still takes too long. Greater adoption of existing
standards and best practices is also needed. Groups and forums such as
the Trusted Computing Group, the Global Platform organization, ISO TC
204 and the Mobey Forum offer trust and security specifications and best
practice options for securing mobile platforms and communication. Also
worthy of consideration is movement beyond permission-based systems to
greater employment of separated, trusted execution controls and protections
- especially when a device is used for both business and personal. In
general, strong authentication, trusted identity, configurable settings,
encrypted storage, compliance scanners, and secure VPNs are all key elements
to extending the enterprise controls to the mobile endpoint and are on
every requirements list of security professionals dealing with mobile
computing and communications.
SecuritySolutionsWatch.com: What are your key target markets
and what is your perspective on the market drivers for General Dynamics'
solutions at this challenging economic time?
Chris Daly: Our key markets include the government,
telecommunications, health care and financial industries. Clearly, our
customers across the board need to do more with smaller budgets. It's
a 'perfect storm' for experienced providers who can slash the cycle time
from requirements identification to fielded capability and to better leverage
existing infrastructure in the delivery of capabilities. This environment
demands a movement from strictly organic offering development to more
agile offering frameworks based on open standards and COTS technologies.
Therefore, our focus at General Dynamics has been a COTS+ approach that
will enable rapid development, quick technology insertion and improved
management of capabilities for our core customer sets. We are extending
capability from the enterprise or the cloud to the mobile endpoint. The
"plus" in our COTS+ strategy reflects our strong belief in the
value of trusted technologies and trusted integrated solutions. This strong
belief is one of the reasons for our continued commitment to the Trusted
Computing Group, and other entities that lead the thinking on government
and commercial trusted technology standards.
SecuritySolutionsWatch.com: Are there 1 or 2 success stories
or "wins" you would like to talk about?
Chris Daly: One relevant and interesting work area is
mitigating insider threats. An insider threat is a person, generally an
employee, ex-employee, or trusted user who uses their granted authority
and privileges to gain access to information and computing resources,
and leverages this access to conduct activities intended to cause harm
to an enterprise. We are currently demonstrating the integration of trusted
computing-based technologies to enable network access control, trusted
identity and platform integrity verification. These technologies work
in conjunction with other security controls such as public key infrastructure,
data loss prevention, attribute-based access control, and vulnerability
scanning to provide near real-time situational awareness and mitigation
of the insider threat. This extensive capability is based on a COTS+ framework
and illustrates the fine-grained controls, flexibility and awareness that
are achieved with an open standards approach that implements the Trusted
Computing Group specifications. We are currently piloting this capability
in a government solutions lab.
SecuritySolutionsWatch.com: What resources are available
for your customers and strategic partners at www.GDC4S.com? (feel free
to talk here about case studies, "white papers", literature,
etc.)
Chris Daly: In addition to the informational
resource available on www.GDC4S.com, the General Dynamics sponsored EDGE®
Innovation Network offers a collaborative, open-environment initiative
enabling industry and academia, with government input, to work together
to enhance the delivery cycle of new technologies and innovative capabilities
to the military, law enforcement, first responders and others.
With more than 240 members and EDGE Innovation Centers located in the
United States, Canada and the UK, each EDGE Innovation Center provides
subject matter expertise, equipment, facilities and laboratories for developing
and testing new technologies, products and systems at faster cycle times
than are currently possible on funded programs, all the while enhancing
capability effectiveness and agility.
More information about EDGE can be found here:
http://www.edge-innovation.com/
I would also like to highlight our collaborative work in the area of trusted
computing technologies. Specifically, as part of the NSA High Assurance
Platform (HAP) Program, we are leading the effort to transition HAP trusted
computing technologies to an open source model. The focus of the HAP contract
has always been to provide reference implementations of TCG-based capabilities
at various stages of development in order to encourage the use of trusted
computing technology by commercial vendors. We are currently delivering
on one of the main goals of the HAP effort by providing technology transfer
to government-identified commercial vendors. This effort allows the Community
to incorporate selected HAP components (e.g., Trusted Platform Module
(TPM) usage, Platform Trust Services, Key Management) into their products/systems
in an interoperable, standardized way using proven technology. At General
Dynamics, it's our goal to incorporate protective measures into the design
and operations of networks to avoid vulnerabilities.
SecuritySolutionsWatch.com: We understand that General Dynamics
is a member of the
Trusted Computing Group. We had the pleasure of recently
publishing an
interview with TCG's President and Chairman, Dr. Joerg Borchert.
Care to elaborate on General Dynamics' activities with TCG?
Chris Daly: General Dynamics is proud to be a long-time Contributor member of the Trusted Computing Group (TCG). Our early involvement stems from ongoing work with government customers leading to one of the first reference implementations of TCG specifications. This pioneering reference implementation included support for several TCG specifications including Trusted Network Connect (TNC), Trusted Platform Module (TPM)-based platform integrity measurements and attestation, and the use of virtual TPMs in a virtualized commercial workstation. This capability is currently productized and supported as our Trusted Virtual Environment (TVE) offering. General Dynamics continues to participate in multiple TCG Work Groups, the latest being the Trusted Mobility Solutions (TMS) Work Group that I co-chair. The TMS WG is especially interesting to me since it focuses on how customers can take advantage of the basic TCG capability building blocks in the development of an end-to-end, trusted mobility solution. The TMS WG plans to deliver an end-to-end reference architecture, use cases, solution requirements and reference implementations for
platforms and is open for new members to participate. The TMS WG is
also working closely with other TCG Work Groups and liaison members such
as the Mobey Forum, to ensure that we deliver solutions that can be readily
adopted and deployed.
SecuritySolutionsWatch.com: Thanks again for joining us
today, Chris. Are there any other subjects you would like to discuss?
Chris Daly: I would like to conclude by saying that
system assurance practices need to adapt to the dynamic computing and
communications environment. In general, system assurance principles need
to have greater consideration in the early phases of requirements and
design of software and system components. At the same time, the security
community must make security mechanisms simpler to understand and configure.
Despite many advances and good intentions in systems security, point protections
continually lag behind the threats - industry must invest more in trusted
technologies and a cohesive end-to-end security framework to address the
increasing sophistication and impacts of threats.