Abstract
This paper explores the threats posed to the Lockheed Martin Technical Services Company located in Gaithersburg Maryland 20879-3328. Lockheed Martin Technical Services deals with research and development in the physical, engineering, and life sciences. This research examines the critical infrastructure and makes threat assessments that are natural or manmade, experienced internally or externally within the facility headquarter. Overall, this article explores areas of vulnerability of sensitive security installation of the nature of Lockheed Martin Technical Services Inc. This research proposes and describes areas of vulnerability within the building complex and the company facility.
Lockheed Martin Corp is a global security, aerospace and Information Technology Company and the biggest provider to the U.S government, of IT services, training and system integration ("Active Risk"). The company was originally Loughead Aircraft Manufacturing Company, an American aerospace company. Lockheed Corporation was formed in Los Angeles California in 1912 by Glenn L. Martin from the original Loughead Aircraft manufacturing Company and merged with Martin Marietta in 1955, to form the Lockheed Martin. The company is among the world’s biggest military contractors with a total employee population of 116,000 personnel. The company is composed of five business segments; Missile and Fire Control, Space System, Missions Systems and Training, Information Systems and Global Solutions and Aeronautics. Historically, the company contributed immensely technologically during the Second World War by supplying the U.S military with sophisticated military hardware especially war planes. Lockheed Martin Corporation owns various infrastructural assets within Maryland and Virginia, among them the location of Lockheed Martin Technical Services Inc. on 700 North Frederick Ave., Gaithersburg, MD 20879 in Maryland. This facility is a defense-based Information System Global Solutions (ISGS) headquarters located near Washington D.C. The company employs 501 to 1000 personnel located within the headquarters and a population of 11,000 employees distributed all around the world. Given the expansive compound and massive size of the building housing the facility coupled with high employee numbers, security measures must be taken to ensure the safety of both the human resource and classified information resource available. In assessing the vulnerability of critical infrastructural facilities, attention must be given not only to the physical infrastructure but also the cyber infrastructure, especially with the developments and advancements in cyber and computer networking technologies. Given that Lockheed Martin Corp is a defense and aerospace contractor, any of their facilities requires a high level of security. To determine the risk posed to the facilities, the probability of should be determined by considering the following matters: topology of the area, proximity to water bodies and power sources, geographic location, the area’s susceptibility history to natural disaster such as hurricanes, proximity to highways and airports.
Lockheed Martin in Gaithersburg is highly prone to destructions from natural causes such as high winds, coastal flooding, rainfall flooding and tornadoes. Maryland is at especially high risk of hurricanes and tornado destruction, having just recently experienced the devastating effects of hurricane Sandy on October 29th and 30th 2012. However, Lockheed Martin facility on 700 North Frederick Ave is not prone to flooding due to its location in flood free zone and having undergone constant renovations over the years. Safe for the occasional lack of reporting by employees to work during severe bad whether, the facility’s physical infrastructures are well designed to withstand the harsh whether of Maryland. On the other hand, the proximity of the facility to the nation’s capital (Washington D.C) makes it vulnerable to terrorist attacks. The building is surrounded by other taller building within the D.C area making it be within the range of a Rocket propelled Grenade (RPG), a weapon of preference to militia groups and terrorist cells operating within cities. To further gravitate the situation, there is exists no missile detection and defense system installed on top of the building for timely response, given the importance of this security installation. Even though access to the main building facility is control and regulated by the employee card scanning system, accessing the facility through the main gate is quite easy due to the poor security measures employed. The parking lot in front of the main gate has exits that can provide unregulated access to the facility past the security and verification personnel stationed at the main gate. In a bid to lower operational costs, the management of the facilities reduced the number of guards by introducing an employee card scanning system as a means of authentication. This move, though not obviously visible, has made it impossible to respond to emergencies in the form of hostilities in case it arises. The situation is made worse by the lack of technologically advanced Closed Circuit Television (CCTV) cameras. The existing cameras are old, dilapidated, and ineffective at responding to 21st century security threats, especially for a defense based security facility of this magnitude.
On the periphery of the facility, almost half line of the fence is in a heavily wooded area, increasing the vulnerability of the facility to insecure access by individuals with malicious intentions. The facility provides safe storage for classified or sensitive information within its many Sensitive Compartmented Information Facilities (SCIF). With the several access points lacking guards, access to the building by employee require security clearance card for access. This method of access that lack human contact and interaction is prone to abuse since visitors and unauthorized personnel can easily gain access by tailgating or piggy backing, which might not be good for such a facility housing sensitive or classified information and it very vulnerable to espionage activities.
Over the year and since the dawn of computer networks, Lockheed Martin ensured cyber security by including security protocols into the IT systems it delivered to its customers. But with the rise in cyber attacks across the globe, Lockheed Martin in 2009 built a cyber research facility, NexGen Cyber Innovation and Technology Center (NCITE), to help mitigate these cyber attacks and threats ("To Innovate & Protect: Lockheed's NexGen Cyber Innovation and Technology Center"). According to the Washington Post, Lockheed Martin was hit by a cyber attack which reportedly had minimal effect according to the Department of Defense (DoD) ("Lockheed Martin says it derailed cyber attack", 2011). According to the DoD, Lockheed and Martin network’s contain sensitive information detailing arms being developed as well as defense technology used by U.S in their wars around the world. The NCITE facility will hence aid in pre-meditated response to IT security threats and cyber terrorism.
Conclusion
When assessing vulnerability and security threat scenarios that target Lockheed and Martin, it is important to note that measures have to be taken to ensure redundancy in case a natural or manmade catastrophic destruction befall the facility at 700 North Frederick Ave. Lockheed Martin has other facilities and can act as backup or complete replacement if a disaster affects operations at 700 North Frederick Ave. Lockheed Martin has eight more facilities distributed across Virginia and Maryland. Security vulnerabilities not only involve physical threats and also chemical and biological in nature. Hence care must be taken to install a biohazard detection system to safeguard against such unexpected risk both within and external to the facility.
Threats that can emerge from within or outside the facility need to be assessed regardless of the technique of prevention applied. A comprehensive risk assessment of threats that can realistically occur in a facility should be carried out even if the precise nature of the impending disaster or their resulting outcomes is hard to determine. Despite the threat, the aim of the corporation should be to ensure the protection of their employees, other personnel and safety of their customers’ sensitive information during unexpected disaster. The probability of a catastrophic disaster taking place should be determined and advanced corrective measures put in place in case of any unexpected disaster. Key among the considerations when performing a risk assessment exercise is adequate insurance coverage. Availability or cost of insurance offered by insurance underwriters can be greatly enhanced by having a disaster plan that addresses the concerns of the underwriter.
References
Active Risk. (n.d.). Active Risk. Retrieved April 24, 2014, from http://www.activerisk.com/lockheed-martin-jsf-case-study/
Lockheed Martin says it derailed cyber attack. (2011, May 28). Washington Post. Retrieved April 24, 2014, from http://www.washingtonpost.com/national/lockheed-martin-hit-by-cyber-incident-us-says/2011/05/28/AGTkefDH_story.html