By: Diane Stirling
(315) 443-8975

A member of Lockheed Martin’s vulnerability management team addressed members of the School of Information Studies (iSchool) Information Security Club this week and provided an overview of cybersecurity work in the corporate setting.

Tim Van Waes, a senior information security analyst in Lockheed’s Corporate Information Security sector, is part of the team that manages the vulnerability assessment tools used across that corporation. He presented a high-level overview of cybersecurity solutions, talked about the goals of information security professionals in a corporate setting, noted the types of attackers typically seen in that environment, and discussed the defense in depth operational model.

In a corporate setting, Van Waes told the students, “your primary goal is to keep the business functional. We need to make sure the company can still do what it needs to and implement solutions that allow them [to operate] in a secure manner.” Although “nothing is ever going to be 100% secure,” information security professionals “are there to make it functional and at a level of security that’s acceptable to the business,” he said.

The field is one that is both ever-changing and growing exponentially, Van Waes told the students. In the nine years he’s been at Lockheed Martin, Van Waes noted, “there’s just been this huge shift in focus on information in cybersecurity, and on both sides. Not only are governments, companies, and independent organizations putting more emphasis on cybersecurity, criminals are also putting a lot more focus on cybersecurity. It’s skyrocketing, the amount of people who are trying to hack into systems, as well as those defending them. That’s where innovations and new tools are coming out.”

Though cybersecurity work “is definitely not for everybody,” Van Waes suggested, “for those with the mindset and desire to get into it, it can be very rewarding and very interesting.” He advised anyone considering the field to “get a good foundation, a good understanding of information security, get that mindset in place and once you have that, find the aspects that intrigue you. There’s so much to learn. If you have that passion and that drive in the field, it will definitely help you.”

Van Waes began working for Lockheed Martin in 2005, following his graduation from Utica College with a bachelor’s degree in economic crime investigation with a concentration in Computer Security. He has managed end-user security solutions such as Encryption, proxies and IDS/IPS. He is a Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), and a GIAC Penetration Tester (GPEN).

Brian Garber, a senior at the iSchool and vice president of the new Info Security Club, remarked how “Tim’s presentation was directly applicable to our coursework and the mission of our club. The opportunity to hear from an industry professional with significant hands-on experience in security was exciting and intriguing. We walked away with a greater understanding of defense in depth, and how corporations such as Lockheed Martin build security into their information systems architecture.”

This event is one of many in anticipation of the Northeast Collegiate Cyber Defense Competition (NECCDC), which will be hosted by the iSchool in March 2015.