2007 Issue 2 - Raytheon

More documents

Recommendations

Info

Feature Information Assurance: A Holistic Approach Post-9/11, it became apparent that creating a physical “ring of steel” around chosen environments where security was the cornerstone for safety and security was counterproductive. It did not restore confidence in our economy, our industries or our citizens. A realization grew quickly that what was needed was the ability to authenticate a person claims, while still maintaining confidentiality. These claims include 1) a person’s identity, 2) their permission to be at a certain place at a certain time, and 3) their authorization to perform certain activities. This is not necessarily physically bound — it is both real and virtual. Information Assurance (IA) is the “process” by which we protect and defend our information and information systems in order to ensure confidentially, integrity, availability and accountability. IA also extends to restoration, with protect, detect, monitoring and reacting capabilities. Even if you don’t understand what this means, it is still changing your world. Just as we experience in real life, accountability closes the loop on any holistic approach to IA. The access control environment must allow an audit loop to be established with someone responsible for the activity in the loop. Hence, the holistic principle of IA becomes confidentiality, integrity, availability, accountability and restoration. This means that IA becomes a people-directed activity, with clear links of responsibility to the individual through association by identification. As the real world becomes more and more digitized, so does the need for irrefutable authentication of people involved with permission to be in that digital environment. Authentication — or the ability to prove in 20 2007 ISSUE 2 RAYTHEON TECHNOLOGY TODAY a non-repudiation approach that you are who you say you are — then became integrated with all other daily processes. At that point, IA reflected the issues that safeguard daily life. This is an important point because it means that IA is, in fact, the way we view digital life, and not a “bolt” in the way information security, engineering security, or operations security has been in the past. In fact, IA is an integrated approach to security, incorporating policy, technology and security (personal, physical and environmental) components, and must be “baked” into the “process.” Accordingly, real-life issues such as privacy are justifiable ones for IA. Indeed, it will become the principal issue to overcome: the ability to prove your identity and that you are entitled to the list of permissions associated to you and the information you access or distribute. This suggests that the IA world is one of permissions (not rules or law). As society embraces the net-centric world, it is becoming overwhelmed with information. We experience the knowledge age (the application of information) as a society hungry for information (some productive and other destructive), so much so that entire programs have been built around achieving greater efficiency to access and process knowledge. I believe what 9/11 taught us is that people matter. People must be identified in a nonrepudiatable manner to allow society to continue to operate in a safe and secure way. Therefore, IA is not just about technology, information or even infrastructures; it is about protecting our most valued asset — our homeland, citizens and way of life. Raytheon is and has always been a customer-focused organization. While everyone else rushed to the IA “gold mine,” Raytheon has been more vigilant, waiting for others to catch up and really understand what the issues are — truly adding value to our clients’ mission-critical requirements. So whether it is our clients’ highly classified operating environment, a commercial business, protecting our employees at home and work, or our own business operations, we practice what we preach. We take pride in our holistic information assurance program, and we enjoy a privilege that we do not take for granted: being considered your partners in transformation. • Stephen R. Haynes stephen_r_haynes@raytheon.com PROFILE: STEVE HAYNES Steve Haynes is an entrepreneurial,broadbased thought leader specializing in Information Assurance, an integrated approach to security. Haynes has extensive hands-on experience in the strategic and tactical implementation of e-commerce, e-government and e-business related products and services. “With security, it’s no longer about assessing or even managing the risk,” said Haynes, “it’s about governing the risk.” His 15 years of exemplary service in the security field, coupled with 20 years in the credit card industry, has earned him the respect of his industry. “I take pride and pleasure in serving my clients and focusing on their enterprisewide mission critical needs.” Noted for his visionary leadership and proactive problem-solving approach, Haynes’s holistic focus is on the process of protecting and defending information and information systems. “My goal is to make clients successful by providing what we have learned and help them become thought leaders in the Information Assurance industry. This will enable them to meet their mission-critical goals and objectives. That’s what will keep them coming back again and again.” An Information Assurance instructor at the National Defense University, Haynes is periodically asked to assist the U.S. government by engaging in strategic joint agency tasks/initiatives. He is also on retainer to the Executive Office of the President and has been an advisor to three presidential administrations and numerous senior levels of management on a regular basis. He is called upon to define overall corporate strategic positioning and tactical implementation to enhance corporate level value and provide business advantage. A leader by example, Haynes empowers resources to act with speed, simplicity and self-confidence. “My great grandfather used to say, ‘It’s not enough to do things right, it’s as important to do the right thing.’ And at Raytheon, we strive to serve our clients with holistic solutions that work — the first time, every time.”
L E A D E R S C O R N E R Heidi Shyu Vice President, Corporate Technology and Research Recently Technology Today talked with Heidi Shyu about technology and innovation, and her new role as vice president of Corporate Technology and Research. Shyu discusses her approach to creating an enterprise-wide technology vision and direction, the importance of disruptive technologies and radical innovation, and her penchant for taking on — and reaching — “unachievable” goals. TT: Throughout your career, you’ve held many senior leadership positions. Can you share with us some of the attributes you believe are essential to effective leadership? And how do those attributes influence your new role as vice president of Corporate Technology and Research? HS: First, I always try to look at the big picture, and figure out how all the pieces of the puzzle fit together. Even from the early stages of my career, when I was given one task that was part of a huge effort, I always tried to understand, “Here’s my little piece of the puzzle, now, how does it fit into the big picture? What is the right thing to do for our customer?” Second, you need to communicate your vision and your plan. You can never communicate enough. People fail because they don’t communicate clearly. Therefore, your ability to articulate and communicate is very essential. One other thing that has always helped me is I have always had a passion to do whatever task I am given. I just dive right in; whatever the challenge is. That becomes infectious. When troops see that you really care about what they are doing and the goal that you have set, they then realize we are really trying to aim for the same goals. Namely, we are trying to do the best thing for the company, the best thing for the customer and to beat our competition, not each other. TT: How has your past experience prepared you for this role? HS: I think that as I grew in my career, I faced many things that I have tried to figure out how to orchestrate. One of the early tasks I was given was developing modeling and simulation, and I tried to figure out, “How does my piece fit into that big picture?” I then took the initiative to lay out the entire simulation, and show my little piece in the overall big picture. I am always trying to figure out “How does this work?” I know my project manager was delighted that I took the initiative to do that. Another key: Never stop learning. Each step, wherever I am in my career, I look a couple of ladders above me and I observe the people there. What are things that they know, that I don’t know? Those are things I need to learn. What attributes do they have, that I currently don’t have, and I can learn? Find out your own shortfalls. It’s good to get independent assessments of yourself, and figure out how you need to grow as a person throughout your career. TT: What people or programs influenced your career? HS: When Dr. Peter Pao asked me in 1997 to lead the Joint Strike Fighter Active Electronically Scanned Array development, it seemed insurmountable at the time because we had an incredibly short period of time to develop something that seemed unachievable — weight reduction, reliability improvement, reducing the observability, improving the survivability, reducing cost … and do it in record time. Most people told me I was crazy to take that job, but I never came to that conclusion. The way I approached it was, “OK, truly here’s an opportunity to do something that’s incredibly important for the company.” So you have to not be afraid of challenges. Then you have to methodically figure out how to do it. You can’t eat the whole elephant in one bite, so what is your path? What is your plan? How do you put your arms around this incredibly difficult problem? I think a lot of the “thinking through” early on and planning the steps that you have to take is so important. TT: In your new role, you’re responsible for the development and execution of an integrated enterprise-wide technology and research vision and strategy. How do you go about formulating a vision that encompasses Raytheon’s breadth of technologies, programs and priorities? HS: Again, the approach I take from the beginning is to figure out the big picture. I read the Quadrennial Defense Review — the 20-year vision of the capability we would like to have. I then think about the capability we would like to achieve. What are the threats out there that we are facing today? What are our capability shortfalls that we have relative to the threats in the environment we are facing? Then you take a systems approach to decomposing the problem. What are the opportunities out there for us? What are the enablers that can help you achieve this capability to fill the gap that we have, and what are the technology options that we have to close this capability gap? Then, from the technology options we have, how well are we doing in this particular technology relative to our competition? Are we ahead of the pack? Nose to nose? Or are we lagging? Then consider are there other companies out there that we can team with to help us bridge this gap? Then you flow down: Are there CRAD (Contract Research and Development) opportunities? Are there IRAD (Internal Research and Development) opportunities we should be pursuing? What is our road map for getting there in the near-term, in the mid-term and in the long-term? Continued on page 22 RAYTHEON TECHNOLOGY TODAY 2007 ISSUE 2 21
Page 1 and 2: Technology Today HIGHLIGHTING RAYTH
Page 3 and 4: Technology Today is published quart
Page 5 and 6: Ensuring That Our Systems Can Be Tr
Page 7 and 8: ISSE Process DIACAP DoDIIS NIST Dis
Page 9 and 10: al information systems (MNIS). MNIS
Page 11 and 12: Data Validation Data Feed 1 Large F
Page 13 and 14: diagnose attacks/bugs/errors; gener
Page 15 and 16: ated a functional prototype wireles
Page 17 and 18: Feature Information Assurance and S
Page 19: Figure 1. User CONOPS/E-mail Figure
Page 23 and 24: onTechnology Warfighter Challenges
Page 25 and 26: Short-term Benefits Faster Code Dev
Page 27 and 28: onTechnology The Benefits of Galliu
Page 29 and 30: µ, ε Space k = ω εµ M A T E R
Page 31 and 32: 2007 SEPG Conference Continuing its
Page 33 and 34: Getting to Know Your Raytheon Certi
Page 35 and 36: Vision/Direction Architecture/Style
Page 37 and 38: When you help a student master the
Page 39 and 40: International Patents Issued to Ray

2007 Issue 2 - Raytheon

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?