From: Politico
By TONY ROMM
The Pentagon may be slashing its wartime budget as all of official Washington works to avoid the fiscal cliff, but there’s a growing sense that cybersecurity spending might be spared — and some major companies are fighting for the lucrative contracts.
Federal officials have made it clear that funding to fight off foreign hackers should survive the mandatory cuts about to wrack practically every agency in the Beltway. That’s millions in government dollars up for grabs, as Washington rushes to secure its computer systems and the Department of Defense prepares to develop the tools it needs to dominate in cyberspace.
“We need that capability, and the government alone cannot provide that capability,” said Rep. Mac Thornberry, a Republican cybersecurity leader on the House Armed Services Committee, when asked about the growing cyber spending in Washington.
“We cannot hire and keep and fund the kinds of capabilities that are needed to protect cyberspace. Some of it has to be contracted out, and you have to have the expertise and so forth to do that,” the Texan told POLITICO.
Recognizing the shift in budget priorities, companies like Boeing, Northrop Grumman, Raytheon and SAIC are among many players betting big on cybersecurity. That puts them now in direct competition sometimes against tech firms like IBM and HP to offer the feds their cybersecurity products, personnel, services and solutions.
As they do, some of them are hitting the pavement hard on Pennsylvania Avenue, lobbying aggressively this year to protect — if not expand — what has become for so many firms an important new line of revenue.
“Margins are getting squeezed elsewhere,” said John Slye, who analyzes federal cybersecurity spending for Deltek. He said in an interview that defense companies in particular are “looking to protect their revenue streams,” so they’re snapping up security firms and boosting their cyber expertise as they try to position themselves for the cyber market.
The federal cybersecurity pot is brimming with new dollars: Deltek, for one, expects that government spending on cybersecurity products and services could grow at an annual rate of more than 7 percent between now and 2017, coming in that year at about $14 billion. That doesn’t even include the millions of dollars spent by the Pentagon — often out of public view — to operate in cyberspace.
As new threats emerge, the administration has tried to secure for the Department of Homeland Security and DOD even more cyber aid, and congressional appropriators have mostly fulfilled the requests. While those agencies may lead the way in deterring and responding to attacks, they’re also joined by a slew of other government bureaus with their own pot of dollars that can be used for internal cybersecurity purposes. The State Department, for example, recently solicited bids on a $120 million cyber project for one of its diplomatic missions.
It might be a drop in the bucket compared with other federal spending, particularly at the Department of Defense. But it’s still a boon to the defense industry, which is trying to navigate a world of decreased military spending while dodging the new, threatening ax of sequestration.
“In a time of tight budgets that are impacting spend[ing] across the board, there’s a premium in government investing in tech that delivers the maximum amount of security for an amount of money that is there,” said Thomas Gann, vice president of government relations at McAfee, which offers the feds some cyber help.
And administration officials are making clear those dollars aren’t going away.
Deputy Secretary of Defense Ashton Carter, for one, told security professionals early this year that cyber cuts were “not even considered” as the agency prepares for more than $480 billion in reductions over 10 years, a set of changes mandated by the Budget Control Act. “Ships, planes, ground forces, lots of other things [are] on the cutting room floor,” he said, but “not cyber.”
And as the fight in Washington over mandatory sequestration matures, the Pentagon has stuck by that claim. At an event last month, for example, Undersecretary of the Army Joseph Westphal emphasized that funding would be sustained — if not grown — in cyberspace and other related areas.
However, some lawmakers told POLITICO they’re still cautious about the way in which cybersecurity spending has evolved.
“I rely on the secretary of defense’s recommendations to a large degree on that, and obviously we need to address the issue as vigorously and effectively as possible,” said Arizona Sen. John McCain, who holds the top Republican job on the Armed Services Committee. He emphasized the need for lawmakers to maintain their “oversight responsibilities” in the face of more cyber spending.
Thornberry — who has worked closely on defense cyber programs — said the goal is to “adjust spending to reflect changing threats.”
“One of the reasons sequestration is so stupid is that it cuts everything the same, and it may well be we need to spend more on cyber but less on something else,” explained the congressman. “I do think we need to dig a little deeper,” he added. “It doesn’t automatically mean any money you spent on it is well spent.”
To meet the new Washington demand, companies are making their own adjustments. Raytheon and General Dynamics, for example, have gobbled up smaller security firms. Lockheed Martin, meanwhile, opened a 25,000-square-foot cyber research and testing facility near the Beltway. It also helped assemble a collection of tech and defense companies in a Cyber Security Alliance to work together on technology solutions.
And many of those companies also are lobbying aggressively in Washington to safeguard their prized federal dollars — in defense, homeland security, cybersecurity and other areas.
Lockheed Martin and Boeing, for example, spent more than $3.5 million in lobbying just in the third quarter of this year on a variety of defense issues — including cyber and appropriations. Raytheon, meanwhile, spent about $1.6 million. It’s impossible to tell from federal disclosures, however, how much of those dollars were spent specifically on cybersecurity. Most of those companies declined to speak to POLITICO about their contracts or their work to preserve them on Capitol Hill.
At the same time, the field’s largest players are trying to spread word about their federal offerings by other means. “I can’t turn on WTOP without hearing an ad from a defense contractor on cybersecurity,” said John Pescatore, a top analyst at technology research firm Gartner. “It’s been more of a marketing, advertising kind of approach [to lobbying] than the traditional ‘submarine, battleship, tank’ program kind of lobbying.”
But the big players in the new cyber-industrial complex say their attention to the issue certainly matches its seriousness. They disagree with the notion that they’re trying to capitalize on hyperbole or hype the already dire warnings of so-called cyber Pearl Harbors, the likes of which have been cited even by top Obama administration officials.
“Pearl Harbor was a localized event with broad impact on the national psyche,” said Al Kinney, director of cybersecurity capabilities in the U.S. public sector division of HP.
“If someone were to disrupt a significant power grid,” Kinney offered as one example. “I don’t think our country would cease to exist, but I do think people would have a similar emotional response that they had to Pearl Harbor.”
Leave a Reply