IT Lobbies for Cyber-Security

The swelling sum spent by the tech industry in Washington results not only from organizations boosting expenditures in recent years but also from the arrival of a new IT lobbying subset-cyber-security.

The swelling sum spent by the tech industry in Washington results not only from organizations boosting expenditures in recent years but also from the arrival of a new IT lobbying subset—cyber-security.

In October 2001, shortly after the Sept. 11 terrorist attacks, several network security companies registered on Capitol Hill for the first time, including SecureInfo Corp., of San Antonio; Symantec Corp., of Cupertino, Calif.; and SecureLogix Corp., also of San Antonio.

Since then, many other cyber-security companies joined the growing lobbying ranks, including Internet Security Systems Inc., of Atlanta; CyberGuard Corp., of Deerfield Beach, Fla.; and iDefense Inc., of Reston, Va.

These companies provide a snapshot of the path emerging businesses often take in establishing a voice on public policy. In the first half of 2001, they had almost no presence in Washington, and by 2003 they were spending more than $1.2 million annually to influence the government.

Network security companies with lobbyists in Washington prior to the Sept. 11 attacks sharply accelerated their lobbying in the ensuing years. VeriSign Inc., of Mountain View, Calif., more than doubled its reported lobbying costs between 2000 and 2004, from $220,000 to $450,000. Entrust Inc., of Addison, Texas, quadrupled its lobbying expenses between 2001 and 2004, from $60,000 to $240,000.

The number of issues that the cyber-security companies have lobbied on since 2001 has expanded as fast as the expenditures, illustrating the typically ballooning interests in pubic policy that companies acquire after setting roots in Washington. The focus moves from matters specifically related to a companys core line of work to more general business concerns, insiders note.

When Symantec first hired lobbyists in Washington in 2001, the focus was on computer security legislation, including the Critical Infrastructure Information Security Act and the Cyber Security Research and Development Act. But by last year, it had piled numerous broader business concerns on its agenda, including stock-option expensing, taxes, class action reform and intellectual property.

The same expanding agenda holds true for IT security companies with deeper roots here in Washington. Network Associates Technology Inc., which changed its name to McAfee Inc. last June, counted one item on its lobbying program in 1999—encryption export controls—and it paid less than $10,000 to handle it. By last year, the Santa Clara, Calif., company was lobbying on bills covering patent and trademark fees, stock-option expensing, and intellectual property rights, among other things.

Last year, several network security companies came together to form the Cyber Security Industry Alliance, hiring Paul Kurtz, former special assistant to President George W. Bush, to serve as executive director. With more than 20 federal bills pending that have something to do with cyber-security—from spyware, phishing and ID theft to accelerating broadband deployment and creating a position for an assistant secretary for cyber-security—those in the industry are battling to ensure that new laws do not leave them at risk.

"We will probably have a number of bills passed that deal with these issues individually," Kurtz said in a recent interview. "Without a doubt, there is a need for an individual voice on security."

Federal lobbying can ensure that a companys voice is heard not only on Capitol Hill, where laws are made, but also throughout the government, where policies are implemented and products bought. Since arriving on the scene during the last few years, cyber-security companies have expanded their reach to every corner of the U.S. government.

While staying focused on information security since hiring its first federal lobbyists in 2001, SecureInfo has covered more ground each year. When the company first dipped its toes into the lobbying pool, it spent $60,000 to make contacts with the Department of Defense and the Department of Health and Human Services as well as Capitol Hill. Last year, it spent $200,000 to expand those contacts to agencies as diverse as the departments of Agriculture, Energy, Interior, Treasury and Homeland Security.


Check out eWEEK.coms for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at Security Center Editor Larry Seltzers Weblog.