Big cybersecurity contractors turn to little firms for specialized monitoring services

By Marjorie Censer
Monday, September 6, 2010; 8

Large defense contractors are increasingly readying to bid for cybersecurity work by buying or partnering with smaller firms that specialize in closely monitoring the data that courses over communications networks.

One chief capability in demand these days is known as "deep packet inspection," or the ability to analyze the packets of data traveling along Internet lines. Companies able to do this kind of work are attracting considerable attention from contracting powerhouses, reflecting the fast pace at which the cybersecurity market is developing and the substantial investments companies are making now in hopes they will pay off later.

McLean-based Science Applications International Corp. bought CloudShield Technologies of Sunnyvale, Calif., earlier this year, and Boeing's St. Louis-based defense business announced this summer it would purchase Narus of Sunnyvale.

More recently, deep packet inspection company Bivio Networks of Pleasanton, Calif., said it would partner with both General Dynamics of Falls Church as well as Global Crossing, which has its government business in Reston.

"Everybody's lining up to make sure they've got their solutions in place," said Michael J. Miller, vice president of Global Crossing's global security and federal programs. "You're seeing providers and partners coming together."

The appeal of deep packet inspection is clear for companies eager to show they can detect malware or intrusions on government networks, said Philip Eliot, a principal at the D.C. private equity firm Paladin Capital Group, previously an investor in CloudShield.

"There's been a big spend around some of the programs that are definitely dependent on that capability," Eliot added.

Analysts said it makes sense for large companies to invest in known firms with built-in customer bases, rather than develop the technology themselves. The specialized firms provide proven technology that is ready to go, said Nadia D. Short, vice president and general manager of the cyber division of General Dynamics's advanced information systems business.

Government agencies say they "need the capabilities to understand at a fairly discrete level of detail ... what's flowing through [their] network," Short said. "This is one of those technologies that allow you to do that."

For small companies like Bivio, working with large integrators improves their access to a wide range of customers. Though Bivio is partnering -- rather than being purchased -- the company isn't ruling out a future deal. Elan Amir, Bivio's president and chief executive, said the shake-ups in the deep packet inspection space bode well for the firm.

Mergers and acquisitions "in a marketplace is good for all the players -- the acquirers, the acquirees and everybody else," he said. "It's good for all of us that there's movement in this market."

In general, cybersecurity continues to be an area in which large integrators are focused on purchasing -- not developing -- new capabilities, said Jessica R. Herrera-Flanigan, a partner at Monument Policy Group in the District who focuses on technology and security.

"It's an overall trend that's increasing," she said. "It gets you from 0 to 100 more quickly than trying to develop it in-house."

© 2010 The Washington Post Company