From boomtown to business as usual

The two years following the Sept. 11, 2001, terrorist attacks featured a surge in security-related spending. In fiscal 2001, the agencies that eventually formed the Homeland Security Department received about $10 billion for homeland security activities, according to the Congressional Budget Office.

That amount more than doubled in fiscal 2003. In addition to funding for DHS, funding for homeland defense initiatives in the Defense and Justice departments nearly doubled during that time period, too, CBO officials reported.

But industry analysts believe that initial period of crisis spending is waning. Payton Smith, manager of public-sector market analysis services at Input, said he expects the pace of growth in homeland security information technology spending to slow during the next couple of years.

"We're getting to a point where we revert to ...a more normal budget increase," he said.

Although that assessment may seem discouraging on the surface, some government watchers contend otherwise. DHS' still-hefty $4 billion-plus budget makes it the largest civilian agency in terms of IT spending, Smith said. The department "ranks on a tier comparable to the military services," he added. Agency officials have security dollars to invest, though funding may not be as generous as in previous years.

"There's a leveling-off effect with respect to the pace of growth, [but] the budgets are essentially pretty robust," said Chris Ballenger, chief executive officer of APEX, which advises vendors on public-sector business development.

Although homeland security budgets remain healthy, getting a piece of the pie isn't easy. Agency officials need coordination and planning to ensure the flow of funding, officials said. And contractors need patience, long-term thinking and agility as they pursue homeland security initiatives.

The impact of this normalization can be felt across the entire federal IT budget. The fiscal 2005 budget represents a

1 percent increase compared to the previous year, Ballenger said, again citing OMB statistics. That compares to double-digit IT growth rates during the past few years, according to Input.

"The initial ramp-up of homeland security-related projects has tapered off," an Input report noted earlier this year.

Meanwhile, officials will closely scrutinize major programs that have been awarded, such as the U.S. Visitor and Immigrant Status Indicator Technology initiative. President Bush approved a bill in October that requires greater financial oversight of DHS. In addition, OMB officials can put the brakes on projects they believe lack adequate justification.

"There's a reluctance to give all the money they've asked for," said Ray Bjorklund, senior vice president and chief knowledge officer at Federal Sources. "Until DHS ...has a solid track record, there's going to be some restraint in funding for those large, complex, high-risk programs and projects."

But simple mathematics also explains the spending shift. "You can't have huge budget increases every year," Ballenger said.

A similar funding pattern is unfolding in state and local markets. DHS officials provide first responder funding through basic state grants, the Urban Area Security Initiative and other programs.

A recent Input report suggests that this homeland security spending will "grow very gradually over the next two years." But the report indicates that funding will accelerate by fiscal 2007.

Ballenger said the money is shifting away from traditional IT areas, such as applications and infrastructure, to budget line items for specific initiatives. Some executives say spending is shifting from the general IT budget to large programs such as the Homeland Secure Data Network.

Before 2003, most federal grants to state and local governments for homeland security focused on emergency gear, known as "boots and suits" in first responder lingo, as opposed to IT. Subsequent grant cycles, on the other hand, have broken this pattern.

Nick Gragnani, deputy director of the St. Louis County Police Department's Office of Emergency Management, said initial grants from the Justice Department's Office for Domestic Preparedness in the late 1990s focused on equipment used during the response to an emergency.

But DHS' Urban Area Security Initiative grants developed a broader charter that includes tools for prevention and detection. "Those [grants] allow us to start working on things like IT programs," Gragnani said.

One example is the integrated communications solution used to manage security for the second presidential debate in St. Louis. Convergence Communications developers built the system, which is based on Microsoft's SharePoint and .NET. An expanded version of that system operates as Missouri's statewide homeland security portal.

DHS' IT Evaluation Program also underscores the move toward IT-related state and local grants. In fiscal 2004, officials in DHS' Office of the Chief Information Officer and the Office for Domestic Preparedness worked together to provide

$9 million in funding to 12 projects.

At the Alabama Criminal Justice Information Center, officials are using a grant to develop the Secure Homeland Access and Reporting Environment. The intelligence-gathering system facilitates cooperation among different levels of law enforcement within the state.

Maury Mitchell, the center's director, said state officials would have started the project even without a grant. But DHS' funding helped get the project off the ground.

"State governments are stretched so thin, there's very little money available for innovation and development," he said.

Alabama officials competed with 112 other proposals for their slice of the grant program. In general, landing DHS grant money takes effort. By some estimates, several billion dollars' worth of grants have not reached first responders.

One reason for this lag is that would-be grant recipients need to develop homeland security risk assessments and mitigation plans to obtain funding.

"The spending is encumbered to some degree," said Phil Foote, executive vice president and chief operating officer at STG, an IT services firm.

He said government officials should not be reckless in homeland security spending, but he also cited a lack of speed in the process. "The velocity is not there," he said.

But experts say agency officials who take a disciplined approach to grant applications can improve their chances of winning a grant.

"The process only slows down if there's no coordination among the agencies that need to participate in the decision-making process," Gragnani said.

Larger vendors tend to rely on matrix management approaches to tackle homeland security opportunities. Such vendors typically employ a relatively small homeland security core group, which draws upon the expertise of various business units. This approach lets company officials ride the ebbs and flows of the homeland security business without the overhead of a large, single-purpose organization.

At Anteon, each operating unit with a DHS customer is responsible for identifying opportunities and sharing them with a corporate group that marshals resources across the company, said Joseph Kampf, Anteon's president and CEO. "We never believed [homeland security] should be a separate division," he added.

Product vendors take a similar tack. "We've been a virtual team from the beginning," said Mark Boyer, homeland security business development manager at Cisco Systems. He said the virtual approach helps in a market segment in which company officials have difficulty predicting what skill sets will be required for different projects. Cisco officials may seek out fire chiefs, police chiefs or city managers who may be interested in radio interoperability, wireless networks or security.

Diversification is another hedge against market variability and one that both small and large companies employ.

Novak Biddle Venture Partners has been backing start-ups in the homeland security arena. Andrea Kaufman, a partner at the venture capital firm, called homeland security an attractive opportunity, but she generally advises young companies to build "a broader customer base than just the government."

She pointed to the example of ObjectVideo, a Novak Biddle portfolio company that provides video surveillance software. Founded by Defense Advanced Research Projects Agency scientists, ObjectVideo initially pursued the federal market but now has commercial clients, too.

But Kaufman warned that diversified companies can have a culture conflict because of the differences between government and commercial selling. "You're almost creating two separate companies to be able to really focus on commercial and government" markets, Kaufman said. That task may not be difficult for a large enterprise, but it is much harder for a small firm, she added.

SRA International, meanwhile, seeks a balanced portfolio, said Ernst Volgenau, the integrator's chairman and CEO. The company's national security business, which includes homeland security work, represents 62 percent of the firm's business. The remaining 38 percent is in civil government, health care and public health.

Volgenau said other companies have pushed national security to 80 percent of revenue. But SRA has resisted that trend, he said, adding that the company's two biggest wins this year came in the civil sector.

Patience is another homeland security virtue. "You have to invest in the long run," said Michael Beckley, co-founder of software firm Appian. Companies with a quarter-to-quarter mind-set can't make the investments required to address homeland security's unique requirements, he said.

Patience also means taking your lumps as you pursue the potential rewards. "The homeland security market is a rosebush, but it still has thorns," Kaufman said.

***

Winning the grant game

First responder grants can be a boon, but the application process can be a slippery slope and, once awarded, the grants have limitations. Here are a few tips:

Do your homework. Agencies must have threat assessments and risk mitigation plans if they expect funding to flow, experts say. Homeland Security Department officials want grant dollars to be spent wisely, which is an impossible task if local officials haven't studied the nature of the threat and how it could affect key resources.

"You need to take a look at your own backyard," said Nick Gragnani, deputy director of the St. Louis County Police Department's Office of Emergency Management.

Plan for the future. Grants don't typically cover the life cycle of a project, so agencies must plan accordingly.

Fred Granum, executive director of the Regional Alliances for Infrastructure and Network Security (RAINS), said grants can be a catalyst for projects, but they don't cover the full cost of development. The real challenge, he said, begins when the grant money runs out and agencies must find a way to keep the IT system deployed.

"How do we pay for this on a long-term basis?" is the question grant recipients must ask themselves, he said.

Based in Portland, Ore., RAINS relies on a mix of government funding, private-sector investments and in-kind contributions.

Keep costs down. An 18-month DHS grant is funding the development of Alabama's Secure Homeland Access and Reporting Environment, which will merge the criminal justice and law enforcement communities' data into a statewide homeland security information system. After that time, the system will be maintained through the state's normal operating budget, said Maury Mitchell, director of the Alabama Criminal Justice Information Center.

That means that Alabama's system, and others like it, must achieve low operating costs. The objective is to build solutions that are affordable and scalable, said Tom Richey, director of homeland security at Microsoft. Company officials have worked on homeland security projects with representatives of Alabama's and other state and local governments.

Adhering to standards is one way to reduce costs. Alabama officials have chosen the Justice Department's Extensible Markup Language protocol for sharing information. The use of a common standard shrinks development time, which also saves money.