Close this search box.
Close this search box.

Raytheon CEO On Creating A Cyber-Safe Workplace

Chief Executive asked Raytheon CEO Thomas Kennedy to discuss what the CEO’s role is in creating a cyber-safe workspace and the role company culture plays in creating a more secure organization.
Raytheon CEO Thomas Kennedy
Raytheon CEO Thomas Kennedy

Raytheon CEO Thomas Kennedy is in charge of a $27 billion company, with 67,000 employees.

Needless to say, cybersecurity is something he pays attention to—both internally and in the work that defense contractor does for its clients.

Chief Executive asked Kennedy to discuss what the CEO’s role is in creating a cyber-safe workspace. The Raytheon CEO also touched upon the role company culture plays in creating a more secure organization, how his leadership style has evolved and more. Below are excerpts from this email conversation.

What is the CEO’s role in creating a cyber-safe workplace?

The simple truth is that when everything is connected, everything is vulnerable. So CEOs must be the ones setting the tone at the top that cyber securing the enterprise is a top priority. In words and actions, they need to become champions for cybersecurity. And they need to support it with investments, getting the right IT and operations talent in place and empowering managers to implement effective systems, processes and plans.

Companies can gain significant competitive advantage by leveraging new technologies for automation, cloud computing, global supply chains, and networked products and services. But all of these must be secured and monitored—across the entire system of systems, whether an internal tool or a product you sell—from its IT components, to operational technology (OT) hardware and software, to internet of things devices and connected third-party services. The business must manage the associated cybersecurity risks of all of these elements, since the impacts can be severe. There are the very real dangers of business disruption; health and safety impairment; damage to a company’s brand and its public trust; lawsuits and fines; and the loss of critical intellectual property and privacy data.

I like to say that there are two types of companies out there relative to cyber: those that know they’ve been breached, and those that don’t know they’ve been breached. As a result, CEOs need to be proactive. They can’t assume they’re not a target – they are.

How can CEOs best communicate the importance of cybersecurity to their employees?

The challenge for companies is that employees are both the strongest defense and the weakest link relative to cybersecurity.

This risk is called “the insider threat” – and there are two kinds of threats from employees here. There’s the employee deliberately downloading sensitive files or intellectual property to sell or bring with them to a competitor when they leave; and/or sabotaging the OT system. Then, more commonly, there’s the employee who unintentionally falls victim to an external bad actor, such as through a phishing scheme, or who circumvents security controls in a misguided effort to do some work. No matter the intent, there has been a stream of headlines of such actions leading to the critical loss of IP on IT systems, and sabotage against the OT systems of factories, industrial control systems and even hospital equipment.

Getting employees to become part of the solution needs to be communicated through employee education. It’s a high payoff activity. Since increased training not only lowers the risk that employees will unknowingly facilitate breaches, but that when bad things do happen, they know how to respond and minimize the impact. Good training brings to life the dangers of bending rules and how to be alert for malicious insiders.

At my company, IT partners with Communications to get the word out through an employee education initiative we’ve branded RTN Secure. And it’s regularly updated to highlight new vulnerabilities and best practices as the threats evolve.

Cyber-aware employees then become your best line of defense and a critical component of your organization’s cyber resiliency. You have to assume compromise; it’s not if, but when.

What role does company culture play in creating a more secure organization?

As with every part of your business, culture is key. It provides the solid foundation of compliance, collaboration and communication required to ensure the resilience of your organization.

You may invest millions of dollars in employee cybersecurity education, but for it to truly pay dividends, you must have a culture of community and shared risk across the organization – it needs to be part of the organizational DNA.


  • Get the CEO Briefing

    Sign up today to get weekly access to the latest issues affecting CEOs in every industry
  • upcoming events


    Strategic Planning Workshop

    1:00 - 5:00 pm

    Over 70% of Executives Surveyed Agree: Many Strategic Planning Efforts Lack Systematic Approach Tips for Enhancing Your Strategic Planning Process

    Executives expressed frustration with their current strategic planning process. Issues include:

    1. Lack of systematic approach (70%)
    2. Laundry lists without prioritization (68%)
    3. Decisions based on personalities rather than facts and information (65%)


    Steve Rutan and Denise Harrison have put together an afternoon workshop that will provide the tools you need to address these concerns.  They have worked with hundreds of executives to develop a systematic approach that will enable your team to make better decisions during strategic planning.  Steve and Denise will walk you through exercises for prioritizing your lists and steps that will reset and reinvigorate your process.  This will be a hands-on workshop that will enable you to think about your business as you use the tools that are being presented.  If you are ready for a Strategic Planning tune-up, select this workshop in your registration form.  The additional fee of $695 will be added to your total.

    To sign up, select this option in your registration form. Additional fee of $695 will be added to your total.

    New York, NY: ​​​Chief Executive's Corporate Citizenship Awards 2017

    Women in Leadership Seminar and Peer Discussion

    2:00 - 5:00 pm

    Female leaders face the same issues all leaders do, but they often face additional challenges too. In this peer session, we will facilitate a discussion of best practices and how to overcome common barriers to help women leaders be more effective within and outside their organizations. 

    Limited space available.

    To sign up, select this option in your registration form. Additional fee of $495 will be added to your total.

    Golf Outing

    10:30 - 5:00 pm
    General’s Retreat at Hermitage Golf Course
    Sponsored by UBS

    General’s Retreat, built in 1986 with architect Gary Roger Baird, has been voted the “Best Golf Course in Nashville” and is a “must play” when visiting the Nashville, Tennessee area. With the beautiful setting along the Cumberland River, golfers of all capabilities will thoroughly enjoy the golf, scenery and hospitality.

    The golf outing fee includes transportation to and from the hotel, greens/cart fees, use of practice facilities, and boxed lunch. The bus will leave the hotel at 10:30 am for a noon shotgun start and return to the hotel after the cocktail reception following the completion of the round.

    To sign up, select this option in your registration form. Additional fee of $295 will be added to your total.