Protecting Critical Information and Infrastructures from Complex Threats

What is Information Security?
Information Security provides the strategies, technical frameworks, guidance, systems engineering specifications and certified products to enable a protected, integrated and survivable net-centric enterprise, system or information environment. In a layperson’s terms, this means that an organization’s information systems, and the vital information they contain, are fully protected from breach, fraud, theft or sabotage, from both internal and external threats.

Introduction
In today’s fast-paced world, the economies, governments and populations of the United States and its allies are increasingly dependent upon information as the lingua franca of our times. In fact, digital information has become the backbone of commercial and governmental communications and interactions throughout the world. Along with this growing dependence on information has come an urgent need to protect this information from unauthorized access, alteration or disruption—from external and internal threats, from commercial or national competitors, and from nationstates or rogue individuals.

But it is not enough to protect just the information. We must also safeguard the various systems in which this information is created, stored and transferred. We must secure the communications infrastructures over which this information traverses in the course of its daily usage. We need to develop strategies, plans, policies and products to ensure that both the information and the information systems in which it resides are protected from those who would do it harm. The increasing numbers of threats to our critical information and infrastructures—from both internal and external sources— are very real, and must be countered by an aggressive, proactive strategy of information security.

Information Security is Essential to Information Sharing
The business of today’s commercial organizations and government agencies requires extensive information sharing among teams and across enterprises. Stove-piped information domains are a thing of the past, and active collaboration is the wave of the future. Today’s information systems and infrastructures must enable and facilitate this collaborative environment—and at the same time maintain robust information security controls; risk must be managed effectively and proper policies and procedures put in place.

Whether it is an investment bank wiring funds to an overseas corporation; a plant operator at a nuclear power station controlling the flow of cooling water to the core; a corporate engineering organization sending sensitive drawings and product data to a manufacturing site in Asia; or a government intelligence agency delivering up-to-the-minute maps and situational awareness data to a remote field site—in all of these cases, and many more, Raytheon’s information security solutions expertise can ensure that both the information sharing and security objectives are successfully met.

Raytheon’s Proven Approach
Raytheon has been in the business of protecting vital information and information systems for many decades—from some of the first computers used for military applications, through the first local and wide area networks of computers, to modern enterprise-wide information architectures for the largest global commercial organizations. Today, Raytheon continues to provide integrated information security solutions for some of the most complex applications in the world, for a wide range of both commercial and government customers.

As a result of its extensive experience in information security, Raytheon also recognizes— and provides robust, proven solutions for—the broadest array of possible threats and information attack modalities. Raytheon understands that in many cases the biggest threats to information systems comes from insiders, those individuals within an organization who have access to sensitive information and seek to do harm. Raytheon Oakley Systems and its SureViewTM and CoreViewTM products provide the world’s leading enterprise insider threat protection solution that combines network and endpoint monitoring with targeted investigations and forensic capabilities. These ground-breaking technologies enable commercial enterprises and government agencies to proactively find malicious insiders while also protecting well-intentioned employees from accidentally doing harm.

Raytheon’s information security solutions combine all of the essential elements for success: certifiable security architectures; proven design and process guidance; policy infrastructure; experience-based implementation plans; best-in-class technical products and services; and Mission Systems Integration capabilities.

Commercial Markets
Raytheon is also on track to become one of the world’s leading information security integrators for the Fortune 500 companies that make up the nation’s critical infrastructures. With customers ranging from the world’s largest financial institutions to the world’s largest retail enterprises, Raytheon protects these large commercial organizations from breach, fraud, theft and sabotage of vital information and information systems. Proven products like Raytheon Oakley Systems’ SureView™ and CoreView™, provide security solutions and process improvement methodologies that yield demonstrable, measurable results. Some of the additional commercial application areas in which Raytheon offers its solutions and integration expertise include:

• Protection from the complete range of insider threats
• User and network monitoring solutions
• Visual analysis of content transfer and communications activities as they occur
• Integration and interoperability across different security technologies, products and systems architectures
• Auditing
• Data analytics and diagnostics reporting
• Forensics and support for investigations

Federal Markets
Raytheon is also one of the world’s leading Information Assurance Mission System Integrators for federal and other government markets; our expertise in meeting the unique requirements for government customers is among the deepest and most extensive in the world. Our experts—most of whom are Certified Information Systems Security Professionals (CISSP) and Information Systems Security Engineers (ISSE)—offer unparalleled domain knowledge and many years of experience in protecting mission-critical information and infrastructures from attack, intrusion, disruption and compromise.

Some of the many application areas in which Raytheon offers proven solutions and integration expertise include:

• Multi-level and multi-domain security
• Security for data in motion and at rest
• Vulnerability assessments for risk mitigation
• Anti-tampering technologies
• Forensics and investigations
• Certification and accreditation

Whether government of commercial, attacks on sensitive digital information continue to increase in frequency and severity. Raytheon Information Security Solutions is poised to protect proactively of after even the most complex threat.

The Five Dimensions of Information Assurance
From a strategic perspective, providing Information Assurance requires that five essential factors must all be addressed:

• Confidentiality — the protection of information so that it cannot be accessed in an unauthorized manner by another person, system or electronic process
• Authenticity — the verification of the identity of a sender or receiver of information
• Integrity — the assurance that essential information, or the process by which it is used, is not altered or destroyed in an unauthorized manner, either intentionally or by accident
• Availability — the assurance that an information system, and its data processing capabilities, is accessible by authorized users whenever needed
• Non-repudiation – the prevention of an individual involved in generating information from denying involvement at a later date

Contact Information

Intelligence and Information

Systems
P.O. Box 660023
Dallas, Texas, 75266-0023

tele: 972.205.5589
fax: 972.205.5589
http://www.raytheon.com