San Diego’s SAIC Emerging as Key Player in Nation’s Cyber-Security Battle
In financial results issued late yesterday, San Diego defense contractor SAIC attributed its increased second-quarter revenue and earnings to “recent wins in defense logistics, information technology, and cyber-security,” among other things.
That last part about cyber security may be an understatement, based on a conversation I had last night with Alan Paller.
As a founder and director of research at the SANS (SysAdmin, Audit, Network, Security) Institute, a cooperative computer security organization in the Washington, D.C. area, Paller has a front-row view of the relentless electronic attacks besieging the nation’s computer infrastructure. He gains much of his insights through his work with SANS, which conducts research and training for system administrators, and oversees the Internet Storm Center, a volunteer Internet security monitoring organization. In the 20 years since the institute was founded, Paller also has developed an extensive network of professional connections in network security both in and out of government.
As Paller told me last night, Internet attacks on government computer networks have become a constant threat, an intense storm that’s not just rattling windows and doors, but also breaking into sensitive government computer systems that store data about U.S. technology. It is a warning he often makes. Yet one reason why SAIC is becoming so crucial stems from testimony he delivered just five months ago to the U.S. Senate Committee on Homeland Security and Government Affairs. In his presentation, Paller emphasizes two new realities about the nation’s cyber-infrastructure:
—Computer attacks by hackers, nation states (e.g. China), organized crime in Eastern Europe, and even terrorist groups have more deeply penetrated U.S. civilian government agencies and the critical national infrastructure computer networks (e.g. computers that control power grids) than has been publicly disclosed.
—The attackers are improving their techniques far faster than the U.S. government has been improving its defenses. In other words, the threat is increasing at an accelerating rate.
Paller contends that SAIC, with its institutional expertise in IT systems integration for U.S. intelligence and defense agencies, is way ahead of other defense contractors because “a lot of the guys with security clearances don’t have the necessary skills.” His insights helped give me a new perspective on yesterday’s disclosure by SAIC (the company also known as Science Applications International Corp.) that it had recently won a prime contract for $388 million from the U.S. Department of Homeland Security to provide scientific, engineering, and technical services to support the NCS. The company describes NCS, or the National Communications System, as “a cornerstone of the country’s ability to provide key communications services to support government functions during emergencies.”
Yet Paller suggests that such disclosures represent only part of a cyber-security picture in which SAIC has emerged as the single most important player.
The SANS research director tells me the government has been hiring “thousands” of computer security experts to man the nation’s cyber-ramparts. Paller says the key factor in recruiting cyber-warriors is in providing people with the necessary skills to understand and respond to sophisticated, persistent, and coordinated attacks on U.S. computer networks. The continuing government recruiting effort goes largely unseen, Paller says, because these jobs are classified.
And how does he know this? “We’re helping with a big manpower study for the Center for Strategic and International Studies,” Paller says. (The center, a bipartisan and non-profit government research and public policy organization, has been supporting the Commission on Cybersecurity for the 44th Presidency.)
To Paller, San Diego’s SAIC “is the only major defense contractor that is able to deliver large numbers of people with advanced technical security skills. The military leaders know that in cyberspace, the only effective weapons are people with advanced technical skills, not packaged tools. That means the winning contractors will deliver people with proven skills in intrusion detection, forensics vulnerability analysis and exploit development, reverse engineering malware, advanced penetration testing—especially application penetration testing, perimeter leakage and protection, and similar skills.”
And it’s all happening behind the scenes.