[Infowarrior] - All Aboard The Cyberwar Express

Sat Jul 23 14:21:32 CDT 2011

National Journal
July 23, 2011

All Aboard The Cyberwar Express

With cuts looming in traditional military spending, cybersecurity has become
the Next Big Thing for defense contractors. Less clear is what the public is
getting.

By Chris Strohm

If you pay them, they will come.

When Deputy Defense Secretary William Lynn spoke at a conference of top
cybersecurity experts in February, he delivered just the message that
defense contractors wanted to hear.

“It is going to take a public-private partnership to secure our networks,”
Lynn declared, assuring his audience that the Pentagon would be spending
billions of dollars a year on cybersecurity and needed their help.
“Throughout American history, at moments of great challenge and crisis,
industry and the private sector have stood up, partnered with government,
and developed the capabilities to keep our country safe.”

The Pentagon’s fiscal 2012 budget request includes $2.3 billion to safeguard
its networks from cyberattacks, but that’s only one piece of the action. The
White House Office of Management and Budget estimates that total spending on
information security this year will be about $12 billion, with two-thirds of
that at the Defense Department. The cyber-industrial complex already employs
the equivalent of 79,000 full-time workers, almost half of whom work for
private contractors.

The money flood has spawned a raft of new specialty firms and prompted
traditional defense contractors to go on a buying binge. Big players such as
Boeing and Raytheon are paying steep prices to acquire little-known
specialty companies, including some that are only a few years old. It’s the
price of admission.

The results are apparent in the landscape around Fort Meade, Md., home to
the U.S. Cyber Command as well as the National Security Agency and the
Defense Information Systems Agency. Dozens of firms, some new and some old,
have set up shop nearby.

Science Applications International launched a Cyber Innovation Center in
Columbia, Md., last September. Northrop Grumman opened its 6,300-square-foot
Cyber Security Operations Center in suburban Maryland in 2009. Not to be
outdone, Lockheed Martin has built a 25,000-square-foot NexGen Cyber
Innovation and Technology Center in nearby Gaithersburg.

Cybersecurity and intelligence were the hottest sector for mergers and
acquisitions in 2010, according to an analysis by Aronson Capital Partners,
a middle-market investment bank.

Boeing paid $775 million last year for Argon ST, a six-year-old firm that
had become a hot niche player in electronic warfare. Argon makes systems for
ships, submarines, and aerial drones that scoop up and analyze all kinds of
communication signals. Boeing’s offer of $34.50 per share last June
represented a 41 percent premium over Argon’s market value. In another large
deal, Raytheon paid $490 million in December to buy Applied Signal
Technology.

“This sector remains ripe for consolidation as larger contractors align
their capabilities with federal spending priorities,” Aronson Capital
Partners wrote in a summary of 2010 activity. Translation: The big boys know
this is more than a fad, and they will buy their way in.

State governments and academic institutions are chasing the money, too. Gov.
Martin O’Malley has declared that Maryland will be “the epicenter of
cybersecurity,” and has even created a branding concept: “CyberMaryland.”
More substantively, the University of Maryland has set up a “Cyber
Incubator” at a research park tied to its Baltimore campus. The
110,000-square-foot building houses 16 companies, including one called Cyber
Map, which has created an online map of all things cyber in Maryland.

The money isn’t just around Fort Meade. NSA is building a $1.5 billion data
center in Utah to help protect federal computer systems, including those at
civilian agencies. The Defense Advanced Research Projects Agency is seeding
projects across the country, including a $24 million “Cyber Genome” project
to map the “DNA” of malicious code and a $16 million project to camouflage
virtual networks.

Amid the frothy exuberance, many analysts worry about wasteful spending.
Analysts and government watchdogs warn that the government hasn’t clearly
defined its needs, making it hard to know which problems are real and which
are just excuses to spend money. They also fret about a lack of coordination
among the scores of agencies, saying that it sets the stage for duplication.

“There’s a huge opportunity for everyone to run to these agencies and to
sell,” says Mieke Eoyang, director of the national-security program at Third
Way, a centrist Democratic think tank, and a former staff member on both the
House Intelligence and House Armed Services committees. “But without some
overall guidance that’s coordinated about what level of security [is
needed], we’re not fixing the problem.”

That is probably an understatement.

In fact, no one really knows exactly how much money is being spent. The
White House Office of Management and Budget estimates that the total is $12
billion this year. But Deltek, an industry consulting firm in Herndon, Va.,
puts the figure at about $9.5 billion and says it’s climbing fast. Secrecy
threatens to make the uncertainty even worse. Each federal agency has to
have its own cyberstrategy, yet OMB won’t publicly disclose what each one is
spending—or on what.

Can anyone say waste, fraud, and abuse?