How Does Your System Measure Up?
As weapon systems have become more dependent on globally-sourced embedded technology, software, and interconnected networks, new cyber risks continue to emerge. In order for weapon systems to successfully conduct their missions in cyber-contested environments, these risks must be identified and effectively managed.
The deficiency in risk awareness and management, coupled with rapid technology changes within complex environments that are continuously under attack, make measuring cyber resiliency a hard problem.
Lockheed Martin Fellows and cybersecurity subject matter experts from across the corporation developed and utilize the Cyber Resiliency Level® (CRL®) Framework as a standard way to measure the cyber resiliency maturity of weapon systems.
How it Works
The CRL® Framework can be used to assist stakeholders in prioritizing risks and selecting courses of action for maximum effect against cyber-attacks, as well as to provide stakeholders with an understanding of cyber investments necessary for increased cyber resilience.
CRL® helps employ common risk- and engineering-based approaches and leverages common assessment tools such as the National Institute of Standards and Technology’s (NIST) Risk Management Process and Risk Management Framework, Lockheed Martin’s threat-driven methodologies, and the Department of Defense’s Cyber Table Top (CTT) Guidebook.
For more information, refer to our whitepaper, “An Overview of the Lockheed Martin Cyber Resiliency Level® (CRL®) Framework for Weapon, Mission, and Training Systems.”
The Case for Built-In Cybersecurity
When Lockheed Martin was awarded the opportunity to work on a major military satellite development program, the team responsible made the decision to include cyber at the front-end to eliminate costly and incomplete cyber “bolt-ons” later in the system’s lifecycle.
