Hunting for Gold in Homeland Security
The government’s goal of achieving seamless information exchange among the 22 separate agencies will eventually call for massive technology spending. In 2003 already, the Department will spend between $2.1 billion and $2.6 billion of its more than $37 billion budget on technology, according to market research firms Input and Federal Sources Inc. (FSI) That number is expected to rise significantly going forward.
But while some of the good stuff is likely to rub off on security and networking equipment vendors, observers expect the agency to award the first contracts mainly to software vendors with products that can facilitate the integration and compatibility of the various agencies.
"There is going to be an opportunity for the telecom industry, but not immediately,” says David Colton, vice president and counsel of the Technology Association of America. “I’d be looking four to five years out for significant opportunities.
"Most of the efforts in the first couple of years will be on consolidation,” Colton says. Among other things, this will include software and integration tasks such as getting everyone on the same email system.
"The real challenge will be achieving compatibility and interoperability,” agrees Ray Bjorklund, the vice president of market intelligence at Federal Sources. “They’ve got their work cut out for them. It’s not going to happen overnight… There’ll be a lot of hiccups along the way.”
The Homeland Security Act, which was passed into law by a 90-9 Senate vote last November, probably won’t provide a quick fix for security and network equipment vendors, but observers say there should be plenty of opportunities for the vendors further down the road. Small and mid-sized companies in particular should eventually benefit, since several provisions in the Homeland Security Act encourage the new department to favor them for its technology purchases. "Ultimately, all the disparate field offices will require a telecom infrastructure," Colton predicts.
Some opportunities are already materializing. The Immigration and Naturalization Service (INS), which is being folded into the new department, has, for instance, already issued an RFI (request for information) for its new entry/exit program and is expected to issue an RFP (request for proposal) worth at least $10 billion any day now. The technology likely involves authentication and identification hardware and software, linked to a series of databases, according to Colton. "It's literally going to be across the spectrum," he says.
But for pure networking companies, there may be another catch -- the new network may not be a new network at all. Many experts doubt that the government actually intends to build such a network, insisting that it will be too expensive, and that there are other, more practical ways of connecting the agencies. “The government could just outsource to existing service providers,” Bjorklund says, pointing out that most of the agencies in question already outsource most of their network services to carriers like MCI (Nasdaq: MCIT) and Sprint Corp. (NYSE: FON). “That’s a lot less painful than building your own network.”
If the government takes this route, analysts say, it will probably choose to transfer most of the information among agencies over virtual private networks (VPNs). That could be a boon to routing and security vendors, by boosting demand from carriers and service providers.
Regardless of whether the government decides to build a new, giant network or not, building the inter-agency communications will call for significant investments in security technologies. The government has budgeted nearly $5 billion for IT security for 2004, and observers expect the spending trend to grow in the years to come.
Security needs are expected to include unified encryption and authentication technologies and policies across all the agencies. This will help shield sensitive information from prying eyes, as well as enable different parties to verify that the information they’re receiving has not been tampered with. “Designing technology that can reach vertically down to state and local levels is a challenge,” Colton says.
Equally important as shielding information from outside threats will be securing the inside of the organization, observers say. With so many different agencies, departments, and government employees exchanging information, the Homeland Security Department will certainly invest in technologies that can distinguish among different security and clearance levels. “There’s a difference between a firewall and a device that regrades the security levels,” says an industry observer, who has asked to remain anonymous.
While the government will certainly be on the lookout for new and innovative technologies to help its integration and security efforts, its choices will be limited to products that have received common criteria certification, which is an internationally recognized standard for evaluating security products. Since last July, only products evaluated by accredited national laboratories can be used in government networks. With only a few such labs in operation, and the certification process taking up to six months, there is already a large backlog of good products waiting to be certified, according to Jim Southworth, CTO of consultancy East by North Inc.
"There are going to be a lot of people scrambling to get certification,” he says.
– Eugénie Larson, Reporter, Light Reading