[Infowarrior] - Defense Contractors See $$$ in Cyber Security

Thu Jan 1 16:49:41 UTC 2009

Defense Contractors See $$$ in Cyber Security
By Kim Zetter EmailDecember 31, 2008 | 3:27:42 PM Categories:  
Cybersecurity

http://blog.wired.com/27bstroke6/2008/12/defense-contrac.html

The profits of (conventional) war must not be as good as they used to  
be.

Lockheed Martin and Boeing have decided the next cash cow is cyber  
defense.

According to Bloomberg, both companies, "eager to capture a share of a  
market that may reach $11 billion in 2013," have formed new business  
units to attract money that the U.S. government will be spending to  
secure U.S. government computers and, no doubt, to break the security  
of enemy computer systems.

The companies awoke to the money-making opportunity after President  
Bush signed a National Security Directive in January, which is  
commonly known as the Comprehensive National Cyber Security Initiative  
and is estimated will cost $30 billion or more to implement.

The initiative, which includes the creation of a National Cyber  
Security Center to be run by the Department of Homeland Security, has  
been criticized for its secrecy and the role that intelligence  
agencies may play in the plan. Critics fear the plan is a cover to  
give U.S. intelligence agencies the unfettered ability to monitor all  
traffic that passes through the internet.

The initiative has many parts, however, one of which is to secure  
government networks.

Despite an abundance of established computer security firms that  
already have experience securing networks, Boeing launched its  
cybersecurity division in August, followed by Lockheed in October.

Science Applications International Corporation (SAIC) also got in the  
game, as has Raytheon -- though a Raytheon spokesman wanted Bloomberg  
to understand that it had been thinking about cashing in on cyber  
security longer than Boeing and Lockheed Martin were thinking about  
it. The company acquired its computer security expertise the old- 
fashioned way -- by buying it. Raytheon purchased three computer  
network security firms (Oakley Networks, SI Government Solutions and  
Telemus Solutions Inc) in the last 18 months and says it plans to add  
300 more security engineers to its stable in 2009.

It's likely the others will be acquiring their expertise this way as  
well, which will only be good news for computer security firms that  
have been struggling to stay afloat the last few years when the  
government and private sector showed little interest in spending money  
to secure computer networks.

“The whole area of cyber is probably one of the faster-growing areas”  
of the U.S. budget, Linda Gooden, executive vice president of  
Lockheed’s Information Systems & Global Services unit, told Bloomberg.  
“It’s something that we’re very focused on. I expect there will be a  
significant focus” under Obama.

Lockheed hasn't always been so focused on cyber security or had much  
of a track record in keeping its own systems secure.

Readers may recall that the defense contractor was the victim of a  
major cyber intrusion in 2003 dubbed Titan Rain. Both Lockheed and the  
Sandia National Laboratory that Lockheed managed were hit in the  
attack, resulting in thieves making off with Lockheed schematics and  
other proprietary and sensitive documents. A Sandia network security  
analyst named Shawn Carpenter discovered the intrusion and told his  
superiors, who wanted to keep the break-in quiet. In the interest of  
national security, Carpenter provided information about the attack to  
the FBI and was fired by Sandia -- the standard reward for  
whistleblowers everywhere. Last year a jury awarded Carpenter $4.3  
million in a wrongful termination suit.