The cybersecurity boom

By Marjorie Censer and Tom Temin
Monday, May 10, 2010

When cybersecurity firm Triumfant was founded in late 2002, it developed software meant to assist help desks in managing information technology problems. The company soon found a more valuable use for its software: detecting malicious acts on networks of computers and making automatic fixes.

Earlier this year, the small Rockville-based firm, which has fewer than 20 employees, announced it is partnering with Fairfax-based SRA International, a major government contractor, to beef up SRA's cybersecurity product.

The company -- which today works exclusively in the cybersecurity field -- is just one of the beneficiaries of what analysts say is a growing boom in cybersecurity work. From small, recently-established firms all the way up to the well-known defense contracting giants, local companies are building up their cyber credentials.

There's plenty of reason for the surge. The increasing number and intensity of cyberattacks has attracted the attention of the Obama administration and Congress, which have begun steering new dollars to the problem. And much of that new spending is focused on the Washington region, as the federal government consolidates many of its cybersecurity-focused agencies in the area.

With the National Security Agency, the soon-to-be-relocated Defense Information Systems Agency and the newly-founded U.S. Cyber Command at Fort Meade; the Department of Homeland Security set to move to Anacostia; and the Pentagon just across the river, a region known for information technology is fast becoming a cybersecurity capital.

"There's this gravitational pull in Washington," said Philip Eliot, a principal at the D.C. private equity firm Paladin Capital Group.

David Z. Bodenheimer, a partner at law firm Crowell & Moring in Washington who leads the firm's homeland security practice and specializes in government contracts, said the unclassified portion of the federal government's cybersecurity work is estimated at $6 to $7 billion annually. The classified portion is likely just as large -- and potentially bigger, he said.

"I think it is a real growth opportunity in coming years," Bodenheimer said. "The market is still rather fragmented and in flux, but is developing with a speed that it is attracting both the major defense and homeland security contractors who are establishing independent business units to pursue these opportunities, and it is also a real opportunity for the smaller players who have niche products."

As start-ups and others rush to stake claims, some wonder if a bubble of sorts is beginning to inflate. Roger Novak, founder of Novak Biddle Venture Partners, recalled that many venture firms in the early 2000s chased similar prospects.

"A lot of the early people made significant money, but there were a lot of 'me too' companies," he said. "So a lot of people in the investment community probably absorbed losses in the space and began to move on."

But now, he said, the administration's focus is once again piquing venture interest and spurring larger companies to pursue acquisitions of companies that already have cybersecurity footholds. Novak is bullish on the sector; after all, his firm invested in Triumfant in 2006.

Eliot said key opportunities right now are in securing mobile devices, protecting against Web-based attacks that come from reputable Web sites, and fending off internal threats.

CONTINUED     1        >

© 2010 The Washington Post Company