Priming the pump

Within hours of the Sept. 11 terrorist attacks, information technology companies began remaking themselves.

No longer focused simply on integrating systems, providing online services or selling software that improves services to the public, private-sector leaders realized they would need to take a lead role in homeland security.

To do that, some IT companies began recasting their existing security and integration products as homeland security solutions. Others revved up security centers established before the attacks to develop solutions. And many companies went back to the drawing board to develop new products that they hope will meet agencies' security needs.

Still, the business of homeland security has yet to truly escalate, because although solutions are being readied, companies are awaiting funding from Congress.

"Companies have definitely put together solutions that can meet a variety of homeland security needs," said Larry Allen, executive vice president of the Coalition for Government Procurement. "What they are finding is that the other part of the bridge is not completely built yet."

Although President Bush is attempting to overhaul the federal government and create a new Homeland Security Department, some analysts say it will take $2 billion to create and manage the new agency. That's on top of the $37.5 billion that fund the budgets of the 22 agencies that will be folded into the new department.

"There are a lot of companies expecting the money to fall right away," said Kevin Plexico, executive vice president of Input, a technology and market research firm. "These companies are asking, 'Where is all the money?' Our answer is, 'It's coming. It's just not here yet.'"

Responding to the Call

In the meantime, companies are honing their abilities to provide products and services for homeland security. Nearly every technology company created a homeland security sector after Sept. 11 or fortified what they already had.

The market for homeland security solutions has become so crowded it has some on Capitol Hill trying to catch their breath. In response to the avalanche of products and services, Rep. Tom Davis (R-Va.) introduced a bill last month to form a "multiagency technical assistance team" to assess the merits of industry proposals and report findings to the agencies whose missions most closely match the proposals.

"It is a real challenge to make sure we get what we need — systems speaking to each other," he said. "Everyone is running around town talking to everybody, and nothing gets done.... It's like a Chinese fire drill."

Still, vendor restructuring seems to have paid off already. When McLean, Va.-based marketing firm O'Keeffe & Co. surveyed attendees at the Fortune One Business forum in Falls Church, Va., in June (co-sponsored by Federal Computer Week), most vendors — 53 percent — said the focus on homeland security has increased their business. About 16 percent said sales had not increased, and 31 percent said it is too early to measure the effect of the September attacks on sales.

To respond to the attacks, some companies reached into their existing talent pools and promoted the best employees to direct their new efforts. In the case of EDS, the company hired, and then promoted, retired Army Maj. Gen. Robert Nabors to lead the company's homeland security program.

Since September, Nabors said, EDS has repackaged its services, giving its customers "a little different flavor to meet whatever clients have asked for."

Among its products, EDS offers a computer program that tracks cyberattacks over time and shows any relationships among the attacks. EDS is collaborating with Public Safety Systems LLC to develop a product called Ramsafe. The technology provides a virtual blueprint of every room in a building so a SWAT team would know the lay of the land in a hostage situation. Ramsafe also has the capacity to analyze a biological or chemical attack and provide information about how many people will get sick and where the closest hospitals are.

"Everybody is going to start offering homeland security advising," said Geri Spieler, an analyst at Gartner Inc. "A lot of companies used to call it 'disaster recovery' or 'business continuity,' but what they are doing is going after homeland security federal money."

Across the marketplace, many companies have decided to move forward, even as Congress plays Ping-Pong with the homeland security budget.

Lockheed Martin Corp. is one of them. It recently won two major contracts with the new Transportation Security Administration. They include integrating security equipment at airports under a task order worth up to $490 million and training TSA employees in the techniques of screening airport passengers under a contract that has a potential value of $105 million. And the integrator, like its competitors, are vying for the next big TSA contract: a $1 billion task order to build the fledgling agency's IT infrastructure from the ground up.

"We are not repackaging ourselves but really trying to take advantage of our large system integration experience," said Arthur Johnson, Lockheed Martin's senior vice president for corporate strategic development.

One thing has changed, however. Lockheed Martin leaders are evaluating the company's capabilities and making sure that the company has the right focus.

"One of the big differences now is that typically we deal with one customer. This is different," Johnson said. "This is just about every customer we do business with. The homeland security issue touches everyone."

Johnson said the company is working with its customers to increase their reliance on IT for homeland security. For example, for the past five years, Lockheed Martin has worked on the FBI's Integrated Automated Fingerprint Identification System. The technology is now being developed for the U.S. Customs Service to use at the country's borders.

"We're working with our customers as they continue to define solutions," Johnson said. "They haven't gotten to the point of putting procurements on the street, but they are talking about how things can be put together."

Other companies, such as Computer Sciences Corp., are fortifying their own structures by looking across their businesses horizontally as well as vertically.

"The point of creating this job was to support vertical business units in their traditional areas, which are client-focused with a big national perspective of homeland security requirements," said Ben Gianni, CSC's new vice president for homeland security.

Before Sept. 11, state and local governments were not concerned about terrorism, but now "everybody is concerned about the nature of terrorism and what they can do to protect their assets," Gianni said.

Already Prepared

Some companies found themselves in the right place at the right time. CACI International Inc., a technology and communications firm, found that after Sept. 11 nearly every contract it had with the government increased in volume and dollars. Company officials discovered a benefit to having an information assurance business already established. They did not have to spend time developing one, said Roger Baker, former chief information officer at the Commerce Department and now an executive vice president at CACI.

"Sometimes you have to find the railroad tracks. Other times you are standing right in front of the train," Baker said. "A lot of security work we've recently won came out much more quickly and with much more dollars than if [Sept. 11] had not occurred."

Oracle Corp. also had an information assurance center in place before Sept. 11. The company hired David Carey, a former top CIA official, to be in charge of the new center, which will operate in both a physical and virtual environment.

Most databases in federal agencies use Oracle products. In the aftermath of the attacks, the company notified its government customers, including New York City, about some of the secure features already embedded in their infrastructures. Firefighters in New York used Oracle's database to determine which gas pipes to shut down.

"With Oracle, this isn't homeland security in a box," said Steven Perkins, senior vice president of Oracle Federal, where he is responsible for the U.S. public sector and homeland security. "Internally, what we have done is gather together using a task force approach to bring various elements of the firm together that provide technology or services."

Long before Sept. 11, Booz Allen Hamilton also had major security efforts under way, including planning for a "worst-case scenario" attack. The bombing of the Alfred P. Murrah Federal Building in Oklahoma City in 1995 pushed Booz Allen to begin developing strategies for future attacks.

As part of a simulation, "we were looking at potential terrorist organizations or nation states, perhaps giving them cruise missiles that maybe we were not able to stop," said Don Vincent, chairman of the company's homeland security campaign. "We never thought the cruise missile would be a commercial airline."

As a result of their experience, company officials decided in 1997 to open a new office for infrastructure assurance to focus on national security and IT issues. "We were already talking about this issue from the strength of four years," Vincent said. "We already had brand recognition."

Now the stakes are much higher. "I think everyone has realized that if they were a federal or private concern that didn't have a homeland security mission, they did now," Vincent said.

Agencies Look for Integration

Security is the buzzword and integration the key to garnering government business. And telecommunications companies such as Sprint are pushing the message that they are more than just long-distance providers.

With many of their customers on tap to become part of the Homeland Security Department, Sprint officials understand that they must bundle existing services and enhance others to meet agencies' new needs. "We are adapting to the environment," said Tony D'Agata, vice president and general manager of Sprint's Government Systems Division.

In June, Sprint, one of two vendors on the General Services Administration's FTS 2001 telecommunications contract, added a number of products and services to that contract to preserve vital data and operational communications. Sprint now offers enhanced video services and faster connections in the event of a catastrophic attack that knocked out communications.

"Certainly, our customers are concerned with the vulnerabilities in their communication networks and the integrity of the data they have to communicate," D'Agata said. "The diversity of one's network is of heightened importance to agencies. They are concerned about a single point of failure."

Since Sept. 11, WorldCom Inc. has been providing its federal, state and local customers with various tools they can use regardless of their location, including security services and Web hosting.

In the coming months, the company will add more services to its FTS 2001 schedule to provide additional security and redundancy capabilities for customers, according to company spokeswoman Natasha Haubold.

Smaller companies are regrouping, too. Informatica Inc., a data integration company, decided its government strategy was on target, but the company needed to leave "footprints" in agencies where it had no contracts, said Kyle Bowker, Informatica's executive vice president of worldwide field operations. That means Bowker and others have been canvassing federal agencies, making contacts and leaving business cards, hoping their product is what the government needs.

A similar pitch is heard across Washington, D.C., these days from established firms: The track record is there and we know what we're doing, said Bruce Klein, vice president of federal sales at Hewlett-Packard Co.

"We are doing something different," he said. "We developed a homeland security group made up of folks from some of our most experienced sales resources, some solution architects here and on the West Coast, to take a look at what kind of solutions the government needs."

Digging for Details

Some plans and new projects are so sensitive that government officials are reluctant to talk about them. Customs, for instance, sought proposals for two backup systems — one 15 miles from its headquarters and the other 350 miles away. But officials never announced who got the award to build the sensitive systems that would be relied on if Customs' primary systems are attacked, and no one at the agency is giving out any details about its backup systems.

The Internal Revenue Service sought $15 million last year to build three backup systems. Congress tucked the money into a Defense bill instead of the appropriations bill that normally funds the IRS. John Reece, CIO at the IRS, talked about the backup systems only when asked.

And although lawmakers, as well as the Bush administration, continually complain about the poor state of some crucial information systems, including those at the FBI and the Immigration and Naturalization Service, no one at those agencies is willing to talk about the specifics of what has to be done to correct the problems.

Nevertheless, the federal government is fertile ground for the near future.

"All of the former accounting firms or commercial consulting firms are now all of a sudden running like crazy to establish a federal practice," said Renny DiPentima, president of consulting and systems integration at SRA International Inc. "Why are they in the federal space? Because that's where the money is."