Joining a new Department of Homeland Security (DHS) program that provides classified cyber threat data to approved providers will give Raytheon [RTN] new capabilities that it can offer its customers in helping to protect them from computer viruses, Steven Hawkins, vice president of the Information Security Solutions product line for Raytheon’s Intelligence and Information Systems segment, recently told sister publication HSR.
Raytheon said last month that it had signed a Memorandum of Agreement (MoA) with DHS to receive classified cyber threat signatures under the new Enhanced Cybersecurity Services (ECS) program established by President Obama’s Executive Order on cyber security in February. Under the ECS program, companies that are approved by DHS to receive classified cyber threat data from the department, can basically turnaround and offer anti-virus services to critical infrastructure providers.
“The ECS program is a way to offer critical infrastructure providers the ability to scan their data and make sure there isn’t malware against the latest classified threat information,” Hawkins said. The arrangement allows Raytheon to broaden its range of consulting services it can offer to its customers, he said
If you can provide companies with the best threat protection that private industry can offer combined with protection against threats coming from classified sources that’s an advantage to Raytheon, Hawkins said.
The MoA initiated a process whereby DHS is reviewing Raytheon’s ability to receive and protect the classified cyber threat signatures, Hawkins said. He expects the process to take several months before Raytheon is approved as an ECS member.
Raytheon already provides managed security services to a number of government and industry clients, typically companies in the Fortune 500, Hawkins said. As an ECS commercial service provider, Raytheon will have to operate that service as a standalone business given the sensitivity of the threat signatures, Hawkins said.
Still, Raytheon can provide managed service offerings in parallel, with one service done in a classified environment and another in an unclassified environment, Hawkins said. The classified signatures can’t be shared with Raytheon’s clients nor can the company tell them what’s wrong with their files, only that it’s a bad file and not to use it, he said.
The ECS program is geared toward critical infrastructure providers such as financial institutions, utilities, telecommunications companies and others. These organizations and companies need to be approved by DHS to be eligible to have their data scanned by commercial service providers such as Raytheon under the ECS.