WASHINGTON — In addition to its investment in its Cyber Operations, Development & Evaluation (CODE) Center, Raytheon spent $1.57 billion last month to acquire Websense, a move CEO Thomas Kennedy says will help Raytheon tap into the commercial cybersecurity market.
The new entity will combine Websense with Raytheon Cyber Products, which Raytheon has been building up by acquiring 14 cyber-related companies since 2007.
"We made a decision back in September 2013 to get into the commercial cyber business," Kennedy said. "We have been getting ourselves and our side ready to go do that, but we know we needed the market channels into that marketplace, so we were essentially looking for properties or companies that we could essentially acquire to provide us those market channels. But it was something that had a state-of-the-art platform that we could integrate into and kind of accelerate our move, and we found that with Websense."
Websense's TRITON software fits well with the expertise Raytheon has developed in various aspects of cybersecurity, he said.
"The platform is wide, and has a lot of capabilities, but you can buy the platform and just get one of the capabilities, for example, email security. You can get data loss prevention security, you can buy them as you want, but they essentially all have the same user interface, and also have data analytics that go across them," he said.
Vista Equity Partners, the private equity company that financed the deal, put up $335 million of its own money to retain a 19.7 percent stake in the new firm.
"They think this concept of providing defense trade cybersecurity to the commercial marketplace is something that has strong legs, and want to be part of it," Kennedy said.
Bob Stasio, a fellow at the Truman National Security Project who previously worked at the National Security Administration's Cyber Center, US Cyber Command and the cyber security consulting firm Ronin Analytics, said many legacy defense contractors would like to make inroads into commercial cybersecurity, in part because that's where the largest growth potential is.
"The problem is, now they're starting to compete with cyber companies that have been around for a while, like Symantec and RSA. It's a space they're not really familiar with, there's an enormous amount of entrenched competition," Stasio said.
Big defense contractors are used to meeting the requirements and specifications of government contracts, while commercial cybersecurity firms are used to approaching problems more creatively, he said.
"[Heritage defense firms] don't realize how challenging the market is and how competitive it is. What they're used to in the defense space, we have an obligation to protect our networks due to law," he said. "The commercial mindset is, 'Let's weigh the risk in terms of investment.' "
Stasio rejects the conventional wisdom that top cyber talent wants to work on the biggest challenges, so they naturally gravitate to the private sector. Protecting government networks from cyber attacks represents some of the most demanding problem solving, he said.
"In some ways, the government cyber space has the most appeal. If I want to do unique offensive cyber capabilities, you can only do that within DoD."