New and ongoing cybersecurity mandates from the federal government are creating a near gold rush for vendors and contractors looking to help shore up the nation’s cyber defense. And it’s only going to get bigger as the demand for vendor-furnished information security products and services by the federal government is projected to increase from $7.9 billion in 2009 to $11.7 billion in 2014 at a compound annual growth rate of 8.1 percent, more than twice the rate of total federal IT spending, according to a report by INPUT.
The Office of Management and Budget directed federal agencies to continuously and automatically monitor the status of their security controls and send annual reports in the Fall of 2010. This and a host of other laws, as well as additional beureaucracies like the White House cybersecurity coordinator’s office and U.S. Cyber Command, have created an industry scramble.
"At the end of the day, compliance with cybersecurity goals and initiatives will represent a multibillion-dollar opportunity for the contractor community," said Rishi Sood, a vice president at Gartner to Government Executive magazine.
Legislation moving through Capitol Hill currently is aimed at expanding the role of the Department of Homeland Security in cyberwarfare, which is expected to fuel contracting opportunities. Also, the federal government’s adoption of Web 2.0 technologies like could computing, social media and other Internet-based technologies has created a huge demand for encryption and firewall systems to shield government networks from intruders.
However, the demand for cybersecurity professionals far outweighs supply, since the U.S. government has a “desperate shortage of people who can design secure systems, write safe computer code, and create the ever more sophisticated tools needed to prevent, detect, mitigate and reconstitute systems after an attack,” said a recent study by the Center for Strategic and International Studies.
Yet cybersecurity vendors and contractors are still attempting to gauge the U.S. Government cybersecurity needs. Many companies are rushing to offer new products to the government without realizing that the bigger needs are in training and certification of IT personnel, said Paul Strasser, senior vice president of Dynamics Research Corp., a federal IT contractor.
“From an industry perspective: you have to watch what’s going on and figure out what you can provide,” Strasser said to National Defense Magazine.