Even before the pandemic hit, Leidos had an incredibly busy year planned, according to Chief Information Security Officer JR Williamson. One of its most significant milestones though was transitioning a large percentage of its employees to work from home — and doing so without weakening security controls or taking on more risks.
Last year, Leidos transformed its traditional security operations center into a security intelligence center, bringing in additional talent and establishing information-driven and adaptive threat hunting, zero trust policies, security orchestration automation and response, and threat intelligence to augment and enhance traditional approaches.
Leidos also significantly improved its cybersecurity maturity and capability while running the security intelligence center 100% virtually through the pandemic.
This year, Williamson led efforts to implement standard and repeatable security capabilities and processes for cloud provisioning/deprovisioning for Leidos’ enterprise cloud management initiative. Under Williamson’s leadership, Leidos also led efforts to partner with the Defense Contract Management Agency in assisting to mature the Cybersecurity Maturity Model Certification cybersecurity standard. And Leidos onboarded both the Dynetics and L3Harris Security Detection and Automation acquisitions while ensuring the businesses could safely execute their business plans.
Additionally, Leidos’ Project LISA — short for Leidos Information Security Architecture — helped the company advance federal security missions and is designed to provide improved speeds, consistent governance, effective monitoring and risk management and data protection of various computing environments across Leidos’ global enterprise.
Based on focus group findings, Leidos recently established a new baseline assessment program for security awareness with measures to ensure the program helps improve the internal culture of cybersecurity and reducing risk. Leidos’ Data to Intelligence research and development project has also been instrumental in combining machine learning with advanced analytics to large volumes of telemetry data to discover the critical insights needed for fast and effective detection, which strengthens decision-making.
Finally, the successful implementation of security orchestration automation and response, or SOAR, capabilities into Leidos’ security intelligence center has significantly reduced time and effort needed for many standardized and repeatable tasks that analysts perform. Williamson will continue to lead efforts to build out more SOAR-based playbooks as Leidos focuses on hyperautomation.
In 2021, Leidos will transition from its traditional on-premise collaboration-based systems into Microsoft 365 GCC-High, work toward meeting the fourth level of CMMC, and launch a co-innovation pilot for combined cloud-based software defined perimeter and Secure Access Service Edge capabilities — a move designed to allow the company to expand its trusted application access more broadly and natively across the global internet without compromising security.
The company anticipates more room for growth and continued potential for mergers and acquisitions. And Leidos plans to build more user-centric security services with transparent consumption models in an effort to provide all of its security capabilities “as a service.”
As the vice chairman of the board for the Internet Security Alliance, Williamson also plans to contribute to two books on cybersecurity risk management, public-private partnerships and creating an enterprisewide culture of cybersecurity.