washingtonpost.com  > Live Discussions > Technology

Microsoft's Homeland Security Efforts

Tom Richey
Director of Homeland Security, Microsoft?s Public Sector
Tuesday, August 31, 2004; 11:00 AM

Tom Richey, head of homeland security efforts at Microsoft, was online to discuss homeland security trends and Microsoft's current work in the arena. Filter columnist Cynthia L. Webb hosted the discussion.

A transcript follows.

_____Related Links_____
Microsoft Homeland Security Page
Microsoft Coverage
Filter Archive

Editor's Note: Washingtonpost.com moderators retain editorial control over Live Online discussions and choose the most relevant questions for guests and hosts; guests and hosts can decline to answer questions.


Cynthia L. Webb: Welcome, Tom. Thanks for joining us today to talk about Microsoft's work in the homeland security arena. Homeland security is a newer focus area for a lot of technology companies. How long has Microsoft actively been pursuing homeland security business and what types of software and services does your public sector unit sell to government agencies?

Tom Richey: We've had decades-long relationships with the agencies that currently now make up the Department of Homeland Security, and we can now approach it as one common enterprise. We're excited about the enterprise agreement that we entered in to with DHS over a year ago which provides a common desktop and messaging platform, and server software. Our goal is to work with DHS to help it understand the full collaborative capability of the Microsoft platform for meeting their most pressing operational challenges.


Cynthia L. Webb: There is a lot of clamoring among IT contractors for homeland security work with the federal government, but there are certainly many local and state governments that need help in this area too. What are the opportunities like at the state and local level and what's the growth potential there?

Tom Richey: There is a huge opportunity within State and Local governments through two venues:

1. the significant and unprecedented homeland security federal grant programs to state and local governments which exceed $3b over the last 3 years

2. IT state spending on Justice & Public Safety applications is growing at 2 - 3 percent beyond other IT spending. The opportunity for Systems Integrators and software developers is immense.


San Francisco, Calif.: After Sept. 11, it became apparent that the government agencies were doing a terrible job of information sharing. How's it going now?

Cynthia L. Webb: As a follow-up to this reader's question, how have technology companies helped improve this information-sharing void?

Tom Richey: We believe that government is making progress, although many barriers remain. The problem is not in the availability of technology solutions, rather it is in the cultural, legal and political barriers that slow the needed pace of change.


Arlington, Va.: There has been a lot of talk about technology moving homeland security forward, but how far are we?

Tom Richey: We agree with Sec. Ridge that the journey is a long one. He even suggests as long as 10 years. We believe our role as an industry leader is to identify and promote success stories that are consistent with the national strategy based on open standards that are affordable, scaleable and repeatable.


Washington, D.C.: What specifically does Microsoft Homeland Security do? Sell software? Services?

Tom Richey: Our goal has been to assist in the development of technology to help detect, prevent, and deter terrorist activity in both small and large cities — linking everyone from the top intelligence official to the cop on the street — in a worldwide effort to stay one step ahead of those who threaten America.

Microsoft Homeland Security has developed an actionable roadmap to align with the goals of the Department of Homeland Security - to build a National Response System over the next 10 years, which is an objective set by Secretary Ridge.


Cynthia L. Webb: On the state/local level, Microsoft has helped with projects for police agencies to share data, including some efforts in Washington state. However, a lot of state and local agencies are facing budget crunches. How are these agencies meeting their IT needs with less cash on hand? And what type of creative deal making, if any, does Microsoft due to win clients in leaner economic times?

Tom Richey: Our public sector customers have made a significant investment in the Microsoft platform. We take very seriously our responsibility to work with them to leverage their existing platform as a force-multiplier for integrated government - the software you use for most public services is the same you use for homeland security needs. For example: State of Alabama built a system, law enforcement tactical system (LETS)that links law enforcement, courts and other criminal databases statewide on multiple devices for one fifth of the cost of previously attempted efforts.


Cynthia L. Webb: A lot of smaller tech companies want to get involved in government IT work, but have limited experience and resources. How do you suggest they get the attention of companies like Microsoft to partner up and sell services to the government? Any anecdotes or success stories you can share?

Tom Richey: Secretary Ridge has challenged IT industry leaders like Microsoft to work with DHS in seeding innovation, identifying best in class solutions, and working to both promote and advance successes around the country. That's consistent with the Microsoft business practice of working through a robust partner ecosystem that includes tens of thousands of partners - small, medium and large - across the country. That model is a formula for seeding innovation and helping DHS achieve their goals.


Alexandria, Va.: Does your role at Microsoft often put you into contact with the cybersecurity efforts at the Homeland Security Department or do you find yourself working at all levels of Homeland Security because of the omnipresent nature of Microsoft's technology?

Tom Richey: We work with all facets of DHS including Asst Under Sec. Libuddi and Asst Sec. Liscouski on the most pressing missions of the information assurance and information protection (IAIP) offices of DHS. We also work closely with the science and technology directorate, BTS, and ODP. Cybersecurity permeates all the mission areas of these directorates. We work closely with IAIP to stand up their CERT Center with Carnegie Mellon University and continue to work closely Amit Yoran.


Niceville, Fla.: There are a lot of existing systems out there in that contain valuable information for the fight against terrorism. Do you see XML standards emerging as a way to tie these systems together? And if so who will manage the XML Schema?

Tom Richey: XML already exists as an industry standard. One of the most important roles of government is to continue to identify and set standards for all software vendors to work towards for building truly interoperable information systems. To date we are seeing the agencies managing their own XML schemas, which is a role unique to government that through the next decade will serve an important purpose in helping us achieve our national goals around interoperability.


Cynthia L. Webb: We have 30 minutes left in our chat with Tom. Readers, thanks for your many questions and participation.


Herndon, Va.: Thanks for your time today.

Question: One of the issues with state/local organizations is that core IT systems do not exist - primarily because of lack of funds. As Microsoft works to build solutions for the state/local market, will you look to more aggressive pricing or innovative pricing models?

Tom Richey: A significant challenge remains in state and local government to capture the federal grant funding for the purpose of IT expenditures. We are excited about bold leaders that we've identified in the country who have embraced IT as the force-multiplier for achieving their homeland security goals rather than more traditional spending on equipment like "boots & suits". We don't suggest one in lieu of another, but a more balanced approach. Our goal is to help them maximize their current investment, not to find a way to sell them software they don't need.


Washington, D.C. : Have any security requirements from the federal government required Microsoft to make changes to its products in order to be eligible to sell those products to the federal government?

Tom Richey: We continue to be a participant in the development and impact of Federal Information and Management Security Act (FISMA). We've been working with our federal government customers for decades to improve their security and in fact have incorporated many federal government recommendations in to updated revisions of our products. Security is an industry-wide problem. Like our industry peers we continue to focus on security. Future success depends on a true partnership between industry and government to achieve a desired outcome.


Arlington, Va.: What do you think the next big thing will be in terms of homeland security?

Tom Richey: The next big thing is a misnomer. This is really about a journey of continuous improvement. We need to continue to work in an industry and government partnership. In working with public sector leaders who are willing to break down the barriers that remain and embrace technology to achieve our new goals for information sharing. The joint 9/11 commission report and the Markel Foundation reports are evidence and great sources of remedial information in articulating the new information sharing environment that identify the end of the journey.


Annandale, Va.: What sort of offerings outside of the usual Windows systems that Microsoft normally sells to businesses and consumers has Microsoft produced specially for homeland security efforts?

Tom Richey: This is about solving the homeland security problems of our public sector customers. We are working with these customers to identify a range of solutions that extend from mobile handheld devices to the data center. Homeland security solutions are not necessarily about point solutions - they are about integrating a range of technologies and disparate infrastructures.


Arlington, Va.: It strikes me that the best thing Microsoft could do for homeland security would be to secure the products it sells to consumers. Nearly every piece of malicious code on the Internet is written to exploit weaknesses in your company's software. How much responsibility does Microsoft bear if cyberterrorists exploit those weaknesses to attack us?

Tom Richey: Microsoft is not alone in the challenge of securing software. Having said that, Microsoft through our Trustworthy Computing initiative is keenly focused on our most pressing security challenges. We have made significant progress since Bill Gates launched the TWC initiative 2 years ago. It's commonly recognized that software will always have vulnerabilities, yet our efforts to secure our platform are already yielding benefits such as a significant reduction in vulnerabilities in Windows Server 2003 as compared with previous releases.

We are also working with global governments on our Government Security Program (GSP). GSP provides governments the ability to view Microsoft source code, subject to certain requirements including US export regulations, in response to requests for greater technical collaboration. This is but one example of many initiatives the company has undertaken to help address an industry-wide problem.


Lansing, Mich.: In your opinion, what have been the failings of information technology in the pursuit of homeland security? Where and in what ways have we leaned too heavily on IT or approached technical problems from the wrong angle?

Tom Richey: The joint 9/11 commission report and the Markel Foundation reports outline very clearly the needed national reforms in information sharing and intelligence fusion that will go a long way in preventing and deterring future terrorist attacks. The technology tools needed to achieve this new information sharing era exist today, however significant barriers remain that are human in origin rather than technical. The legal, cultural and political barriers are significant but are being addressed one block at a time.


Cynthia L. Webb: What's been done so far on the counter-terrorism communications network project Microsoft is working on for the Department of Homeland Security? Also, explain more about what the Joint Regional Information Exchange System will do that agencies and law enforcement can't do now.

Tom Richey: We're excited about the success of JRIES. JRIES is a model for the kind of information sharing that is needed in the future. Sec. Ridge designated JRIES as the official information sharing system for the 50 states and 5 territories because of the user friendly capabilities and broad support of the law enforcement community. We continue to work on and build solutions like JRIES as models for the future.


Cynthia L. Webb: We are out of time for more questions today. Readers, thanks for all the great questions. Tom, thanks for taking the time to chat with us today about your work and the homeland security efforts of Microsoft. In closing, what are the homeland security needs of the government that are most pressing that the IT sector can help address?

Tom Richey: Cindy, thanks for the invitation to be part of the online chat today. Industry must continue to work together in an unprecedented manner to accelerate the change necessary to achieve our national goals around information sharing. Time is the enemy and Microsoft will continue to work with industry and government partners to achieve our national goals.


© 2004 Washingtonpost.Newsweek Interactive
Viewpoint: Paid Programming

Sponsored Discussion Archive
This forum offers sponsors a platform to discuss issues, new products, company information and other topics.

Read the Transcripts
Viewpoint: Paid Programming