When it comes to protecting critical national infrastructure, it doesn’t get much more high-profile than the White House. Faced with a cyber ‘incident’ that penetrated the unclassified network of former US President Barack Obama, tech giant Leidos had to quickly assess the damage, and throw a ring of digital steel around the leader of the free world. Eight years down the track and the security layer that they developed is still in place, quietly doing its job, affirms Tom Prunier, chief technology officer for Leidos UK.
Prunier, who started life in the United States Marine Corps before joining law enforcement, and ended up teaching FBI agents how to investigate cybercrime, says: “I can’t really go into specifics, but it was a nation state incident. We went in and provided a service and now we run the security operations centre for the president.” Prunier adds that the impact of the infiltration “wasn’t good” but it allowed for improvements to be made, and the longer-term consequences have positioned Leidos as one of the global forerunners of security operations centre capabilities.
As ransomware continues to dominate the cybersecurity landscape in 2022, with targets large and small falling prey to organised criminal hacking groups, the conversation is shifting more and more towards the security operations centre model as a means of protecting organisations from online harms.
So, what does that look like, and how do you address the budgetary concerns of organisations, especially in the public sector, that may struggle to make the financial case for investing in 24/7 security?
Prunier says: “Within the UK what I’ve noticed is that the requirements, in terms of what customers want, is increasingly driven by protective monitoring. So, what I’m really focusing on is trying to develop a streamlined solution that’s easily deployable, provides excellent coverage and visibility from a protective standpoint but also is cost effective and repeatable. The other part of that is getting to the point where you can share a lot of these threat vectors and the things you see with other colleagues, other programmes and other customers. It builds that country-wide defensive posture.”


In the US, Leidos cybersecurity products adhere to National Institute of Standards and Technology (NIST) and Risk Management Framework (RMF) standards, and for the most part, despite differing data regulations, they translate well into the UK, says Prunier. People, process and technology is the mantra that drives the company’s approach to software development, and even though automation is increasingly being introduced into security information and event management (SIEM) platforms, it is the combination which remains key.
“It’s got to be balance between people and process and that’s what I’ve always felt makes for a complete set of defence measures,” says Prunier. “You want to automate as much as you can but there’s still that human aspect that goes beyond the artificial intelligence and automation where they’re looking for specific things.
“For instance, when we were setting up the SOC we allowed the analysts a lot of latitude for what they felt was their niche, whether it be outbound traffic or inbound traffic, and let them really create their defensive mechanisms and dashboards that help enhance the overall process.”
And there are exciting plans for the organisation ahead. “With ransomware we’re actually starting communications with some smaller companies that have come up with some interesting avenues defending against or stopping ransomware. We can implement that not only in our monitoring but also in our automated processes that will allow us to stop and protect against many types of ransomware. We’re just starting that conversation but it’s something that we want to integrate into our package offering. The really exciting thing is it’s being offered at a price point that really targets smaller organisations to keep the costs really low and allow them to benefit from it.”