Lockheed Martin employees working on rocket engine.

Customer Information Systems and Network Security


Objective

Ensure our products and processes capture, store and transfer data securely to protect the privacy and security of customer information and reduce the likelihood of data fraud, loss, sabotage and theft.

Management

New technologies such as artificial intelligence, augmented reality and networked factories are poised to revolutionize the way we design, build and sustain our products and services. The interconnected nature of these new technologies creates opportunities for greater efficiency but also expands the scope of activities, which operate in a computer network environment. This presents significant challenges to our ability to protect our products and services against increasingly sophisticated cyber threats.

To address these risks, Lockheed Martin is delivering full-spectrum cyber capabilities and cyber resilient systems to our defense, intelligence community and global security customers. From initial concept to life-cycle sustainment, we consider and integrate full-spectrum cyber capabilities into everything we deliver to our customers. Lockheed Martin provides services and builds the platforms, tradecraft and tools proven to help our customers move faster, be safer, improve quality and contain costs for critical missions.

Our classified cybersecurity operations are fully integrated with the Lockheed Martin Fusion Center that was launched in 2020. We leverage our industry-leading Insider Threat tools within our classified environments to facilitate the protection of our customers most sensitive technologies and programs.

Lockheed Martin introduced the Cyber Resiliency Level® (CRL®) framework in 2019 as the world’s first, standard method to measure the cyber resiliency maturity of a weapon system, regardless of where the weapon system is in its life-cycle.  In support of that CRL® framework, Lockheed Martin created the Cyber Resiliency Scoreboard™ (CRS™) in 2020 to help customers make informed decisions for prioritizing their resources on the most impactful cybersecurity solutions. CRS™ includes a survey tool and a dashboard displaying qualitative and quantifiable performance metrics used to guide stakeholders in selecting courses of action for increased cyber resilience of systems from conception through delivery to retirement. CRS™ has been successfully applied to numerous programs across each of our Business Areas to help our customers mitigate risks and determine which mitigations provide the most cost-effective benefits.

In partnership with Lockheed Martin Global Supply Chain Operations, Supply Chain Cyber provided a briefing on Cybersecurity Maturity Model Certification (CMMC) "Bridging the Gaps to Accelerate CMMC Preparation" via virtual webinar in 2020. This was the most attended supplier webinar to date.

For more information on our broader approach to cybersecurity, please visit our Sensitive Data and Intellectual Property Protection page.

2020 SMP Goals

Monitor employee cybersecurity engagement to counter malicious email threats and monitor number of vulnerabilities per device on core IT networks.

Achievement

Success: We do not disclose performance data deemed competitive and proprietary.

Monitor data loss incidents that occur within core IT networks for business operations.

Achievement

Success: We do not disclose performance data deemed competitive and proprietary.

We track two other proprietary goals to improve the security of sensitive data and intellectual property and IT networks

Achievement

Partial Success: We do not disclose performance data related to these proprietary goals.

Customer Information Systems and Network Security
Lockheed Martin’s Cyber Center of Excellence

Our customers are counting on us to help them move faster and drive innovation with greater agility. To maintain our position as the world’s aerospace and defense leader, we recognized the need to accelerate our transformation for the digital age. New technologies like artificial intelligence, augmented reality, data analytics and networked factories have revolutionized the way we design, build and sustain our products. The hyperconnected nature of this technological revolution has created many new opportunities for greater efficiency and productivity, but it also has expanded the scope and reach of our activities that occur in and through cyberspace. To address the challenges of protecting and defending our products against increasingly sophisticated cyber threats, we launched the Lockheed Martin Cyber Center of Excellence (COE) in 2020.

Our Cyber COE fosters collaboration and drives innovation in advancing cyber capabilities to solve challenging problems. The Cyber COE leverages the collective talents our cyber community to work together on solving shared problems. Collaborative activities are designed to support three major objectives aligned to people, processes and technology. In 2020, the Cyber COE organized and led 21 collaborative initiatives to cultivate cyber talent, to increase efficiency and productivity and to advance cyber capabilities. Each of these activities were chosen for their value to our Business Areas in delivering innovative solutions for the purpose of helping our customers keep people safe.

Customer Information Systems and Network Security
Level 3 Enterprise CMMC Mock Assessment Success

As part of the Cybersecurity Maturity Model Certification (CMMC) Pathfinder project, Lockheed Martin in late July 2020 participated in a CMMC mock assessment. The mock assessment provided an opportunity to exercise many different assessment stages: training the assessors, preparing for an assessment, using assessment evaluation materials, conducting a mock CMMC assessment and scoring a mock assessment. This CMMC Level 3 mock assessment focused on the 20 new security practices from CMMC and the 3 maturity processes for Level 3 Certification. Lockheed Martin passed the mock assessment, and the experience gave us the opportunity to have a two-day dry run as preparation for our official assessment.

Customer Information Systems and Network Security
CMMC Industry Collaboration

Lockheed Martin is playing a lead role in the CMMC Working Group, which is comprised of the Office of the Under Secretary of Defense (OUSD), Johns Hopkins Applied Physics Lab (APL), Carnegie Mellon Software Engineering Institute (SEI) and the Defense Industrial Base Sector Coordinating Council (DIB SCC; collectively led by BAE Systems, Boeing, Lockheed Martin, Northrup Grumman and Raytheon) to further define practices and the implementation model.

Customer Information Systems and Network Security
Pathfinder Table-Top Exercises

CIS and Missiles and Fire Control Information Security Office (MFC ISO) participated with the Terminal High Altitude Area Defense (THAAD) Program team along with Missile Defense Agency (MDA), OUSD, other U.S. Department of Defense (DoD) and non-DoD CMMC stakeholders in the three tabletop exercises (TTX). TTX-1 targeted the Request for Information (RFI) sub-process of the acquisition cycle, intended to identify and highlight any challenges or recommended approaches for DoD RFIs as they incorporate CMMC requirements into future contracts. TTX-2 focused on creating a mock Request for Proposal (RFP) to reflect what will be provided to industry. TTX-3 focused on identifying potential issues that could arise after or in conjunction with contract award for contracts with CMMC requirements, and developing recommended mitigation strategies for dealing with these eventualities. Feedback from participating stakeholders was that the events were successful in accomplishing objectives, and several highlighted recommendations were captured with action plans.

Customer Information Systems and Network Security
Intelligent Factory Framework (IFF)

As the Industrial Internet of Things (IIoT) continues to mature, Lockheed Martin manufacturing lines are quickly adopting more network connected IoT devices. With this influx of devices comes increased capability and the promise of more efficient management of manufacturing capacity and device life-cycles, while leaning our manufacturing work flows. However, enabling this capability introduces cyber risks to maintaining our most critical shop floor operations. The Intelligent Factory is Lockheed Martin’s edge compute platform that secures, scales and standardizes device connectivity. We are using modern platform techniques including application programming interfaces (APIs), machine learning and software defined networking where machines across the company automatically report on their status in real-time. The information is used to avoid production issues, improve efficiencies and gain new visibility around operational equipment metrics from concept to product. Through 2020, Lockheed Martin deployed the IFF to 7 sites with manufacturing operations and enabled 185 IIoT devices.  Heading into 2021, Lockheed Martin plans to rapidly expand coverage of our facilities and the devices supported by the gateway.

Information Security

TOP