Cyber Alliance Raises Mores Questions Than It Answers

On November 12, 14 companies that play in the cyber security business announced an alliance. Built around some well known capabilities in software (such as RSA’s in encryption), hardware, and services, the group offered itself as a  collective resource to the government and other customers.

So What? Right now, the government can draw on almost any combination of companies and universities it wants through a variety of vehicles. Funding is increasing smartly, but product and company differentiation are hard to achieve.

This alliance is purely for marketing, as well as creating some identity for upcoming cyber bids. Some of the 14 firms already team—or compete.

The 14 companies clearly believe there is magic in their assemblage, led by the biggest government contractor, Lockheed Martin. Last week LM christened a laboratory and testing facility, with capabilities that other, larger players in cyber
security, such as SAIC and Booz Allen Hamilton, already have for cyber solutions research and evaluation.

In addition, with some potentially vexing legal and business challenges to form an alliance, and the government’s  hesitance to say what incentives are acceptable between alliance members, customers  may have some reluctance to deal with the alliance.

Among the subjects that must have kept quite a few attorneys and business executives busy when forming the alliance are the following:  (1) organizational conflicts of interest identification and mitigation; (2) safeguarding national security and
proprietary information held by one alliance members from others without a need to know); (3) respective roles in opportunity management and revenue generation; (4) dealing with existing contractual and teaming arrangements with
companies in and outside of the alliance.

As they are not cornering the cyber market, there’s no particular anti-competition angle to defend against, but there may not be squawks from small business if the alliance ever makes a splash.

Further, there is an elephant-in-the-room issue regarding what is permissible to bind together companies in IT-related alliances. It is coming up on two years since the Justice Department threw a chill into IT suppliers of all sorts when it joined a whistleblower’s suit regarding the incentives IT alliance team members give each other. The suit remains
unsettled, and even firms that have voluntarily come in for settlements, such as IBM, don’t know what the government will find acceptable. The three companies being sued—Accenture, Sun, and HP—show no sign of settling.

Since many of these legal issues tend to raise red flags and yellow lights, it is one more reason to view the alliance as a trial balloon at best. The mechanics–the fall out of all the issues that need to be resolved within the collective of the 14  firms—may be of more interest to government and industry than some of the cyber capabilities being offered.