When Will Farrell, Booz Allen Hamilton's Dark Labs director, talks about setting a mousetrap, cheese is not the bait.
Instead, Will and his elite team use fake computers in a phony network, intentionally built to be vulnerable. The main goal of this virtual mousetrap is to lure cyber adversaries, who find it nearly impossible to resist hacking into those fake machines.
This approach to building a better defense is the creative strategy Will and his team at Booz Allen’s Dark Labs deploy to protect vulnerable systems.
Many companies look inward in designing cybersecurity programs, building bigger fences and buying more bells and whistles to secure their perimeter. But inevitably, adversaries will find a way in.
“Instead of looking from the inside out, we look from the outside in. We pretend to be the bad guys,” says Will. “You’ve got to think like the adversary to beat them.”
It’s just that kind of strategic thinking that a major oil and gas company was looking for when its chief information security officer (CISO) asked Booz Allen to reevaluate the company’s cybersecurity program.
But there was a catch. The CISO didn’t want the team to even look at the company’s current cyber state to start. Instead, he asked them one overarching question: What should the company’s cybersecurity program look like in 5 years?
“We were literally going off almost nothing. The CISO didn’t want us to be clouded by their current program,” says Booz Allen's Deputy Project Manager Gary Barnabo. “We had a totally blank slate to offer a fresh view.”
This global company is transforming from an oil company to an integrated energy company. And its value chain is vast—everything from exploratory drilling and extraction, refineries, and pipelines, to transportation fleets and gas stations.
Booz Allen Project Manager Matt Doan never underestimated the task at hand. “We knew we’d need to do some pretty creative thinking, but make sure it was grounded in defensible frameworks and logic,” says Matt.
In free-flowing sessions, the team of business and cyber strategists, threat intelligence specialists, hackers, reverse engineers, and industrial control systems experts brought bold thinking to this future challenge, conjuring up a comprehensive vision for the year 2022.
They outlined technological, geopolitical, economic, and other global forces causing business and cyber change. And they forecasted the resulting cyber challenges, such as relentless cost pressures and the overwhelming diversity of Internet of Things technologies permeating every part of the organization.
The ultimate goal? Package the ideas into a compelling blueprint of a future-state cyber program; one that would set the vision for the capabilities and operating model needed to address cyber risk 5 years down the road.
The team looked at a full spectrum of anticipated threat actors and capabilities. Nation-states could attack critical infrastructure and cause physical harm, for example. Criminal organizations could use ransomware to affect oil production along the supply chain. And hacktivists could attack email servers and cost the company hundreds of millions of dollars.
Two clear vulnerabilities emerged. One was the IT environment. As the company rapidly moves more business processes into a third-party cloud environment, it leaves its data and applications in a more uncertain—and potentially exposed—state.
The other challenge: the company’s operational technology environment. Countless motor controls, switches, conveyor belt valves, pressure centers, pumps, and turbines make up the physical equipment involved in extracting and producing oil—and much of it is not monitored or secured.
To protect these two different domains, our team brainstormed a wide range of plausible cyber incident scenarios to determine the right types of security measures to implement for the future. In a series of mind-mapping exercises, they “connected the dots” on how machine learning and deception technology might play a valuable role in those virtual mousetraps.
They considered the rapid growth of attack techniques and how current methods of identifying attacks will likely become obsolete. And they simulated “hunting,” a technique to detect hard-to-find threat activity hiding within the “black spots” of a network.
“Hackers don’t look for the hard way in. They’re looking for the low-hanging fruit,” says Will. “Our goal is to defend, mitigate, and increase the level of effort for an adversary. We want to make it hard enough for hackers that they decide to go someplace else.”
After several months, the team delivered their program blueprint and an implementation plan. Only then did the CISO let them review the current program so they could understand gaps and chart a course to the future state.
What they found was a program that was “siloed and piecemeal,” says Matt. “They can’t move quickly enough to adapt to new risks.”
The future-state program, on the other hand, is designed to be agile, with a highly integrated operating model in which a distributed network of teams is empowered to work fast in their own environments, but still be highly linked to one another and operate with shared purpose.
Based on Booz Allen’s recommendations, the company is making its forward-reaching cyber program come to life.
“We showed them how to blend art and science into a future-looking masterpiece,” says Matt. “We showed them how their security professionals could complement and amplify the impact of their security tools and technologies to enable the business.”