Military weapons and systems developers who create technologies with strong commercial applications for the civilian world once used to spin-off their by-products to IT companies for a handsome profit.
But that equation could be about to flip, all thanks to the rapid re-militarisation of cyberspace.
As paranoia over nation-state sponsored electronic espionage, hacking and intelligence intrusions grips the globe at same pace as the spread of online commerce and mobile technology, the world’s biggest military industrial players are now assertively returning to the technology services and online security market which once used to be dominated by consumer brands like Symantec or enterprise players like EMC.
On Monday missile, warship and air-warfare systems giant Raytheon announced that it had acquired around 80 per cent of online security firm Websense in a deal worth US$1.9 billion in a joint venture with Vista Equity Partners which will retain a minority stakeholder (Vista previously took Websense private).
Most of Websense’s customer base is in the civilian and corporate markets; Raytheon also has a cybersecurity play, however its skillset and client book is at the pointy end of the military and intelligence market.
If you’re not acquainted with Raytheon’s product catalogue, it includes the Patriot and Sidewinder missiles, a large number of radar systems and base stations to control military Unmanned Aerial Vehicles. In Australia its contracts have included Collins Class submarine systems replacement, the Combat Systems Engineer for the Air Warfare Destroyer and the supply of tactical data radios to the Australian Army.
With deals like that as the mainstay of its business there’s is an obvious question: why is one of the world’s biggest ‘milspec’ systems makers is taking a stake in the increasingly commoditised civilian and enterprise cybersecurity and technology services market?
The answer, at least in part, is that as nation states (governments) have become actors in the international game of cyber intrusion offence and defence, the scale and sophistication of the equipment and software needed is logically headed towards to military grade technology rather than civilian or ‘enterprise’ grade products.
However because civilian and business systems (think governments, banks, utilities, communications companies and retailers) are heavily and irreversibly invested in the so-called digital economy, they too have become the targets of cyberattacks which increasingly carry the sophistication of nation-state backing, especially if economic advantage can be gained.
Put more bluntly, now that the internet has become a weapon in the arsenal of most developed countries, the industry that builds swords and shields has bought itself a market barrow on the high street, in council chambers and in government departments, hospitals and schools.
Raytheon’s Company Chairman and CEO, Thomas A. Kennedy, was happy to call out the escalation of the online threat as a key market opportunity for the missile maker which has become a cyber body guard for hire.
“The market for advanced cyber solutions that protect and defend global industry and infrastructure is rapidly growing due to the sophisticated threats posed by well-funded, nation-state adversaries and criminal networks,” Mr Kennedy said in Raytheon’s announcement of the deal.
“As the business enterprise evolves to meet the networked demands of today’s mobile and cloud economy, these threats will grow in size and scale. The new joint venture will combine Raytheon Cyber Products and Websense capabilities to deliver the advanced, defence-grade technology solutions needed to meet this evolving threat.”
Whether some of those solutions include a discrete hotline to some people who have sufficient authorisation to give unwelcome guests on your network a bit of a digital pasting isn’t likely to make it into the public domain, but it would certainly be a selling point for some potential customers.
Raytheon certainly isn’t alone in terms of pushing back into the civilian space.
Lockheed Martin – better known for making fighter jets, spyplanes and ballistic missiles has over the last five years been progressively muscling-in on the turf of traditional IT services providers linked to computing equipment manufacturers like IBM and HP (which acquired EDS) to take out key federal computing deals.
Lockheed Martin also isn’t underplaying its military pedigree as a useful entrée to getting more civilian government and corporate work for its Information Services and Global Solutions division, a business line that can undoubtedly tap into mil spec cyber resilience and intelligence smarts.
And like Raytheon, Lockheed Martin also has a vested interest in keeping the upper hand in terms of information superiority and the growing weaponisation of the internet under some sort of control.
In 2011 a cyber attack on computer security token maker RSA, part of EMC, that stole cryptography keys was swiftly followed by another attack on Lockheed Martin, with many Western cyber security experts linking the two incidents and pointing to China as the most likely and logical safe cracking suspect.
But while the attacks rang alarm bells right across the military, government and corporate sectors, it also gave Lockheed Martin a platform to publicly promote its ‘Kill Chain’ cyber intelligence tool dedicated to stopping the exfiltration of super sensitive corporate data that it credited with stopping the attack from doing any damage.
Security analyst at research and advisory firm IBRS, James Turner, has also noted the return of military-oriented companies to the civilian and corporate cyber security and systems management market.
Mr Turner told government news that as cyber malfeasance increasingly became a tool of nation states, the companies that provided more “kinetic” military systems were already experienced in checking adversarial threats from overseas.
The very reason why nation states have a military, fighter jets and warships, Mr Turner suggested, was to defend against another nation state’s military assets.
That was now being extended online, especially as “everything” went onto the internet.
“The more things you plug into the internet, the bigger the attack surface,” Mr Turner said.
He said that the Internet of Things represented a new source of vulnerabilities, especially for SCADA (supervisory control and data acquisition) systems, which are used to control and manage machines.
If your IT security software or appliance licences are up or edging towards upgrade or renewal time, expect a call from your friendly rocket scientist sometime soon.
Comment below to have your say on this story.
If you have a news story or tip-off, get in touch at firstname.lastname@example.org.
Sign up to the Government News newsletter