So he's been around many sides of this issue. /Length 2057 corporate America is a soft target compared to the federal government. You have 11 lessons and I think you know for some of us even one of those 11 lessons Feels like a pretty daunting task. Times you know well, where did you find your staff and a lot of people don't like my answer, so I don't. These -- and many other angles -- are all correct but individually insufficient. Our Multi-Domain Operations/Joint All-Domain Operations solutions provide a complete picture of the battlespace and empowers warfighters to quickly make decisions that drive action. Is that something Lockheed Martin is done where they've gone out to the unclear population and obtain some separate consent? Why do why do we need it too? So it may not be very expensive is what I'm saying and you started off with a proof of concept, but what sold the company I think is when you start talking about the trends throughout the United States, the statistics relative to the loss of intellectual property and RND data and how much it's costing the United States economy. We have a phenomenal turn out which is not surprising given Doug's expertise. That includes: Throughout Doug's talk, he came back to a critical, often-missed perspective: without transparency and trust, insider threat programs won't work. 3 0 obj Is takes privacy into consideration? >> After high school, their love of science and math took them on divergent career paths that then intersected in the Lockheed Martin Missiles and Fire Control business. So, it was an easy choice to come back., The extra support that comes with training, mentoring and connecting with others having a similar experience is invaluable.. Again, he denied it when we approached him later he finally admitted it. We don't sell it, it's just ours. OK it took a few years to get to that point. We showed up. /Contents 4 0 R So then that question did come up about authority. If you'd like to ask questions at any point during the webinar, please use the Q&A feature. /F3 16 0 R OK, and that is publicly available select. Next line, please. << Australia English . As I mentioned before, this call walk run effort, you're likely not going to get the data you want or the resources you need at first go slow. v ZU:k. So this next bill is kind of interesting federal law enforcement referral. And if you think about it, this kind of why we merged investigation and counterbalance under the same office. Uh, a typical behavior? We had a a subject who received a complete competitor recruitment letter with a job offer. Doug is the Director of Counterintelligence and Corporate Investigations for Lockheed Martin. Beg for money if you will to build a tool. Put a red flag on it. Intent. If you could go to the next slide, please. Point towards disgruntlement or stressors. . The decision to expand that program. When many of us think about insider threat, we think about NISPOM change 2. So you have to have a discussion with them of what's really critical. Congressman Investigation offensive operation in the in the entire community and what I saw was a shift from nation states away from their 100% dwelling on trying to penetrate CIA or FBI or State Department or DoD or DoD. So it might sound like a small thing, but. :I-O
{hb1*Apf3H,*}~}0?Sw+[wydSyUDTNvv>LJMS'/ hBlSCdYY|2Yxs76T Kl&Sa Over 1,000 Students and Counting Are you next? Taking action to help you protect what matters most. But programs are scalable, so this. But there are some similarities. endobj in operations research from Cornell University. It was just OK and the my very first week here. The insider threat Assets risk counterintelligence. % It can be the container. endobj x^X$W Global Presence, Local Impact . Maybe you just start off with one person you start off with hiring the right person. Quite frankly, when the focus group came back with that change and explained it made great sense to me and so I think words matter. ", As an engineering aide, I am getting exposure to what engineering is like in the real world. If we can't answer him during the webinar, will be sure to try to get back with you after we have a lot of ground to cover so we will do our best to get every single question answer. It's also about good governance. I mean you mentioned the scope of this can be huge. An the program what it does it evaluates every employees, attributes, actions and behaviors 24/7. We're trying mature it 'cause our company is growing fast. Yeah, I think I think the biggest thing is to have somebody be your cheerleader in your advocate for hiring the right person. A Lockheed Martin official has said the White House is working to establish a new agency that would take responsibility for the federal security clearance system from the Office of . Focused experiences for high-potential executives & managers seeking personal growth and career transformation. Ina split second,my entire life changed., "The day I found out my dad was an engineer and not a secret agent is the day I decided to follow in his footsteps. Read More. It just start off with one guy or Gal who has a right background who understands how nation states operate, will understand how competitors operate. OK, it's amazing how much data companies and government agencies collect on their employees and it just sits there OK? 1. Insider threat organization and governance is critical Again, if you have. Just know one size does not fit all size, certainly influences the program the company support and culture. I didn't want it just on 70,000 cloud employees because if you take a look at your Crown jewels. Requires a human being to analyze the data, but that we rely a lot on the tool. View Doug Thomas's business profile as Corporate CI Operations Head at Lockheed Martin. All the data in the tool is objective data. But I let them know that look, I have. Quite frankly there isn't a right answer as to where this. Does it create baggage? So just to level set to make sure we're all staying on the same sheet of music. I think I speak for everyone to say that we know a lot more than we did. Just because you survived a presentation to your senior leadership on the need for an insider threat program, does not mean that the messaging stops there. OK, there is no way we're resourced to do. endobj It knows that Doug Thomas works in the UK or Canada or Australia. /Pages 2 0 R On the need to involve them and what we needed from the FBI and Oh my God, you wouldn't believe that pushback that I got from general counsel initially. And then the last bullet I have there is a farce. A full-time, 21-month curriculum and a global perspective to develop leaders of purpose. On this chart, we don't profile people. A lot of it has to do with stressors and people becoming disgruntled and things like that. Lockheed Martin Headquartered in Bethesda, Md., Lockheed Martin provides research, design, development, manufacture, integration and sustainment of advanced technology systems, products and services. I don't want to do is overstep that privacy. I hope I did not waste your time and I hope you got at least one nugget out of this. There is a little bit of pain along with that, quite frankly. View Doug Thomas's full profile. Well, we briefed them one time on on the fact that we are standing up a program like this and I guess it sounded sexy enough. He said he didn't do any kind of a download like that. I mean this is the one that a lot of people have asked me a lot of questions about over the years and that's why we built this chart the way we did. That's about 1000 things on there. Like financial stressors, we collect a lot of information within the company on that stuff, but there are some things we don't collect on, so we pay a vendor Thomson Reuters Security Service to collect data on all of our employees relative to real time arrests. Well, that's not the message that we wanted to go out. >> So then what we did is we saw him. Israel There's nothing wrong with that. More Story Keeping Ahead of Ready With Next Generation Launch Systems Industries from retail to banking are preparing for the future by focusing on the modernization of their technologies and assets. And that name recognition goes a long way and I know it sounds silly, but it is a ring knocking club so that helps as far as. I appreciate and value working on the products that will one day save our heroes. Data loss prevention tools. Doug has been at the center of counterintelligence conversations at the highest level of US government. In this capacity, he leads a staff that is responsible for providing advice and guidance relative to counterintelligence and counterterrorism matters impacting the Corporation. ", "I have been on incredible teams filled with mentors of all levels and backgrounds that are willing to help the next generation learn and grow in their career. To identify what your critical assets are and who's working on those programs for me, I view the Chief Technology Officer in our company as my number one internal customer. And if you think about it, every company does some form of due diligence before they let somebody have these accesses. I would say the exact same thing. Yeah, so I, I think that's an excellent question whoever asked that. In addition to his years on the faculty at Penn State, Thomas has had the pleasure of serving as a visiting faculty member at INSEAD (in Fontainebleau, France), the Johnson Graduate School of Management at Cornell University and the Darden School at the University of Virginia. Excellent, so we probably have one time for one more question. Every month ThreatSwitch hosts a webinar on a topic of interest to the security and compliance community. When you when you put together that list and you asked for that, did you survey a number of different departments or what? The group that I mentioned in says Insider Threat subcommittee. OK, HR does not let that information go well. And he actually confessed to, yeah, I was taking the data to prop myself up with this next company. We've built the program. Alright, so there was a couple of reasons why they shifted. Monday marks the 10th anniversary of the July 8, 2003 mass murder at the Lockheed Martin plant in Meridian, where Douglas Williams, 48 shot 14 coworkers, killing six of them before committing. Doug is the Director of Counterintelligence and Corporate Investigations for Lockheed Martin. Doug Thomas is the Henry E. McWane Professor of Business Administration at the Darden School of Business. As long as you keep looking for areas of improvements, and communicating the benefits, you can help to improve the way that change is perceived. You would expect that their insider threat organization would be robust and well-organized, and it is. So his nice confession if you will, is immediately placed on leave and was physically exited from the company. Departments that aren't bought in will ignore it. Not the weeds of it. So we will be sharing that with you after the webinars over, including the recording, so be sure to check back there if you're looking for the slots or the recording. Thomas received his M.S. >> WHY THE NRA'S CHIEF LOBBYIST LEFT: The National Rifle Association 's top lobbyist left the scandal-plagued gun rights group this week after nearly two . Last Update. 11 lessons from Lockheed Martin's insider threat program Watch video 59 min Insider Threat: What Industry Needs to Know Watch video 59 min CMMC: The Train Is Rolling Watch video 46 min DFARS NIST 800-171 Is Changing Watch video 59 min Small Businesses in the Enterprise Supply Chain Watch video 58 min /Length 3732 Initially, because all the data is anonymized in the tool, so that's why I say we don't profile people for profiling behavior. OK, so it's a brand and reputation thing, but I think friends since it's a it's a threat that are going on right now is what I think sounds so another way to answer that today as I look at the trends and the shifting threat landscape from nation states. Once we identified our potential risk indicators, then we made a subjective decision of how we would wait those Pris next thing we had to do is OK. Where is this data in the company? Makes him want to support the program, so I mentioned that I briefed the Board of Directors on an annual basis, no, but in our company gets in front of the Board of Directors. It can mean a hard drive. It hasn't been changed in the executive order yet, although I have seen it in the NDAA word for word. For instance, you know early on you wanna know about who are if. It's important to collect the right metrics and be able to tell a story that makes him want to hear more. Lori and Lessie are identical twins and engineers who work for Lockheed Martin. Excellent, yeah, we have several questions around. Now today I get that information before the supervisors get that information. OK, in fact I had an ethics officer who sat on the konops build with us who made a very good comment to us and that was just because you can do something, meaning it's legally OK to do it or regulatory. Representation matters., Veterans, reservists, and military spouses comprise well over one-fifth of our 114,000 employees, "I was very lucky that when I decided to take that step out of the closet I was accepted right away, and I can truly say that my career has flourished since. OK, it's OK to go to another company. Misgovernance this to me is a big deal and I'm going to bring it up again later because I think it's I think it's. We're looking for risk. How do you? Making sure you're executing the mission right so it just takes patience. /Type /Page What did you guys discover? Recent News About Doug Thomas. >> Securing access to the data you need to have an effective program execution of the mission with that. And in addition, I would just remind everybody that this is the part of a series on insider threat. I'm almost done. UVA Darden School of Business. Not, I'm not gonna use names. Um in for an annual conference, and sure enough, the entire SERT team is part of that. As I mentioned, Doug is counterintelligence operations in corporate investigations director at Lockheed Martin. Arlington, VA 22209 USA. You will get resistance when you first introduced this topic to whoever. Prior to that, he was the principal deputy Director of Counterintelligence, spent 25 years with the Air Force as a special agent. Now I've also mentioned about the application of suicide ideations in workplace violence prevention. In September of 2009, he retired as a member of the Senior Executive Service and last served as the Executive Director. They are an insider. I think they. What's unique about the F35 that makes it the awesome machine it is. stream You really feel heard even if you are earlier in your career., "My job allows me to use my creativity to come up with innovative solutions for complex problems. Douglas D. Thomas Director, Counterintelligence Operations & Corporate Investigations July 18, 2017 Counterintelligence & Insider Threat Detection National Insider Threat Special Interest Group. However, Doug drove the point home that middle market companies can and must be connected to leadership and establish clear functional accountability and communication to work. We have a human behavior and a digital behavior baseline of every employee in the company and what we're looking for is anonymous or not. To let them know that hey, we're interested in dark times, we'd like to look in the tool to see if one of the concerns there might be in there, and then he'll make a legal decision more. That's how close our relationship is, because as I mentioned before, the execution of program, it's critical that it's executed in a manner that. It fails . OK, so we focus a lot on training and awareness. endobj So that's another outgrowth of a program like this. Contact. His wide-ranging career makes him one of the most influential counterintelligence and insider threat practitioners in the country. How do we get started? And companies OK if you want to get personal about it. That's why we'll be sharing our CEO's lessons-learned each month right here on the ThreatSwitch blog. I have an annual forum where I bring in all of our investigators and kind of townspeople, and you are about 75 now. So I remember shortly after I got here meeting with the Chief Technology Officer to have him give us a list of critical assets in the company and the way we're set up at the company. Globe Icon. This office actually brings to the table. Consent is not necessary because it's pull up publicly available. You know that's just So what piece? Decision on communications part because there was a word in there and I never even thought about it. On developing this program and I can tell you right now it didn't. So you're not gonna have an office large enough to have a robust and effective program if you don't leverage technology. It depends on your culture. Said we're on solid ground. Right, that's super helpful and I know that's one that people cook with a lot in. Just asking you want to hear more about threats which. I'm pretty sure I speak for everybody to say when I say that there are a number of outstanding Nuggets, so thank you for that overview and we do want to open up the questions. Tambre - Cyber Security Engineer Tambre A multi-year program that provides a rigorous course of study designed for candidates who research for more than the sake of research. And it's also about communicating with the employees. You know that's not a goal of ours. Germany English Deutsch . Are the potential risk indicators you collect. /Type /Catalog 2 0 obj As pretty intrusive. In fiscal year 2019 Lockheed Martin was the top recipient of Department of Defense contract dollars. It was about people with clearances and classified information, and we know that that problem set is way beyond classified information. OK, we've been telling him for the last couple years. Leidos said Monday that Thomas Bell, CEO of Rolls-Royce's North American subsidiary and president of its global defense business, will succeed Krone in the chief executive post, effective May 3. So one of the things that we did is we are office crafting up a paragraph that would go out from our leadership to the workforce that essentially let them know. As I reflect on our journey. Now there's ramifications that go along with something like this, so the guy was interviewed on why he did what he did. Being able to facilitate Lockheed Martins values and mission and the similarities of serving in the Military is a vital component of my responsibilities. #2. It's kind of talents. Pardon me Who's been involved in that asset discussion? On the next generation product. If you're a company this size and quite frankly you don't have the bandwidth to actually manage that kind of, uh, a list of critical assets. It's just we are. You know XY&Z well the focus group again, that focus group was made up of. So no time spent on this chart whatsoever. Or to the steering committee search is one of the first people I mentioned right off the bat because they provide about 50% of our leads that comes out of the Rams tool are from SERT. Quite frankly, it's not necessarily a bad thing, but it's not necessarily a good thing either. We do collect data that the company doesn't collect. Mr. Thomas retired from this position on October 1, 2011. Because when you ask the question about Chief Technology Officer, what are critical assets you know you're gonna get a laundry list? So that's why we had to go get money. Let's say we're going to do a riff of 500 employees out of a site. I mean they thrive on a good brand and what they don't want. Well, once you give them access there and inside, they're not an insider threat, but they have access, so that's why we change this definition the way we did. The reason why these 2 are in the same office. It's actually, it's less of a legal decision, more of a risk decision on whether or not we can look in there or not. Threatswitch and for those of you who don't know us, we are a company that provides software to help companies manage compliance with things like insider threats CMMC and NISPOM And help you reduce the cost of doing it. Anyone claiming to have our list is not legitimate. That's kind of like sacred ground. It's also about hiring the right people, so I get asked a fair amount of. India English . So now that got us a little concerned. Building and sustaining relationships with the federal government who do kind of talents in the insider threat programs. ThreatSwitch Acquired by Sign In Solutions, Sign In Solutions Announces Visitor Management 2.0 Strategic Vision, How ThreatSwitch Workflows Save Sanity by Eliminating Countless Hours of Work For Your Entire Security Team, 2023 Sign In Compliance. As a mechanical engineer, Becky designs full-scale air vehicle models. I don't understand how company can afford not to do this. We don't go into great detail about these specific data if you will, but what I will tell you is that at the end of the day. What's the right way to tackle? Letter to Lockheed Martin sent 10/19/2018 On a pretty regular basis, we brief it quarterly to our steering committee and we brief at annually to our Board of Directors. We are delighted to be talking about 11 lessons from Lockheed Martin's Insider threat program and to help us talk about that. Free Tools . And do we really do counterintelligence? I made an appointment with the CIO and the CIS so I could go in and sit down with them and talk to them about who I was. I will tell you who gave me the hardest time after. ", "I truly learn something new every day, and every day I get to solve new challenges. << It requires a lot of liaison, that's for sure. So we came up with this definition and we socialize it with you. He was the counterintelligence advisor to the Director of National Intelligence and the President of the United States. I got the opportunity to meet Doug Fairly recently, although. And he said he was going to take it to the next company. This little bit of two parter one is, you know. The long poles in the tent are senior leadership. He tried to download a bunch of data a lot more than 49 files. From each business area and then the hope was that the business areas would submit their top 10 and the Chief Technology officer would narrow that down to 10. Doug is based out of La Plata, Maryland, United States and works in the Defense & Space industry. I also have a staff meeting on Thursday with our investigations leads. So I wanted to make sure that our program covered every employee in the company. OK, I get the information about people gonna be put on a pip before they're put on a pip. He lied. Or is that not something that's part of your program? A frequent faculty leader in executive development programs, he has led numerous Executive Education sessions in Africa, Asia, Europe and North America, including programs at Penn State, INSEAD and Georgia Institute of Technology, as well as custom programs for Accenture, DuPont, ExxonMobil, IBM, Ingersoll-Rand, Mars, Office Depot, Parker-Hannifin, Pfizer, Schlumberger and the U.S. Marine Corps. His research interests include coordinating production and inventory planning across the extended enterprise and connecting decision models to logistics performance measurement. Some people call them red flags or triggers. So these are the categories of metrics that we collect. It has allowed them to connect and form lasting bonds., Everyone doesnt always respond positively at first when bringing new ideas to the table. Employees that don't trust the program won't participate. 2023 All rights reserved. -- A federal jury convicted retired University of Tennessee professor Dr. J. Reece Roth of illegally exporting military technical information related to plasma technology designed to be deployed on the wings of drones operating as weapons or surveillance systems due in part to investigations completed by the Air Force Office of Special And it gets in the news. That's the result? ", Three years ago, I decided I wanted to get more involved in my local community and give back to those less fortunate than me., I always tell my soldiers, I may be your leader, but Im nothing without you. 1100 Wilson Boulevard