In the aftermath of the latest installment of the WikiLeaks saga, at least one company is coming out clean and happy: TeleCommunication Systems Inc., a provider of military-grade technology, was awarded a $49M contract with the Department of Defense. The Mission: Provide technology training to the government’s cyber security workforce. (Can anyone cough and simultaneously say, “After the fact”?)
The partnership with the DoD comes directly from the higher-ups, with support from Obama’s government workforce development effort and Cyber Security Coordinator Howard Schmidt backing the deal. Part of the five-year contract, which includes five option periods, is TCS’s Art of Exploitation University program, launched in May. The Annapolis-based company’s AoE University has already enrolled 1,500 students since its launch, teaching the gamut from computer network security, information assurance, network defense, penetration testing, forensics analysis to cyber intelligence. Hopefully the hands-on learning and real-life simulations will include the proper response to burning Lady Gaga CDs?
TCS’s shares rose $0.07 following the deal on Friday, and the company has since purchased Trident Space & Defense LLC, a private producer of wireless communication systems. The purchase, the company’s fourth of 2010, is expected to expand TCS’s reach to foreign government and commercial companies, where Trident has business. The DoD contract is one on a list of contracts TCS has landed with the U.S. Navy – worth $315M, the Army – worth up to $9.6M, and the Marines – worth $269M.
But is the Department of Defense’s money well-spent? Frank Ohlhorst makes a great point about the hardest leak to plug in IT:
Most, if not all, of these requirements rely on technology to enforce compliance. WikiLeaks teaches us that it is the human factor and not technology that leads to the most damaging of breaches. All it takes is one disgruntled employee to destroy the security around intellectual property, private data or corporate secrets. But how can one build technology to prevent that?
There is no simple answer. Perhaps the only way to handle these situations is with the threat of severe penalties, and therein lays the secret to compliance technology. The enforcement of severe penalties requires incontrovertible evidence. In this particular case, technology that monitors activity and audit usage can become the key to plugging leaks.
If users are properly educated on the implications and penalties involved in disseminating unauthorized information, and are informed that access is tracked in numerous ways, perhaps technology can prevent the issues now plaguing the U.S. Defense and State Departments.
Though the government can’t be criticized for trying, it can be criticized for falling into the oldest pattern in information technology: Learning which vulnerabilities to secure after they’ve been compromised.
Do you think TCS’s reputation is enough to help secure what’s already proven pretty faulty? Let me know in the comments or send me an email at Melanie@ITKnowledgeExchange.com.