Fear, Inc. How homeland security became the biggest market opportunity since the dotcom boom. By Evan Ratliff
http://www.wired.com/wired/archive/13.12/homeland_pr.html A terrorist would kill for this view. The 11th-floor office of Fortress America, an Arlington, Virginia, company located at the heart of the disaster economy, is surrounded by opportunities for mayhem. To the west, the suburbs of Washington, DC, sprawl toward Dulles International Airport, the transit point for 63,000 passengers a day. The Pentagon lies a few miles southeast, and still higher-profile targets - the White House, Capitol Hill - are just east, across the Potomac. At the base of the building, a DC Metro station handles thousands of commuters every day. But when Tom McMillen looks out these windows, he sees different opportunities - for baggage screening machines, biological and nuclear sensors, data analysis software, video surveillance, and high tech gear for emergency personnel. McMillen founded Fortress America last winter as a corporate shell, or so-called blank check company. In July, with no product, no revenue, and certainly no profits, he managed to raise $46.8 million in an IPO based on a simple promise: to spend at least $30 million acquiring a company in the business of preventing, deterring, or cleaning up after a disaster. Now he's looking for somewhere to invest the money. At 611, McMillen is a commanding presence with white hair and an imposing baritone. His résumé is a fantasy combination of sports, politics, and business: Rhodes scholar, NBA first-round draft pick, 11-year career as a center on four teams, three-term US representative from Maryland, successful Beltway businessman. But on a September afternoon in Fortress America's offices, crammed into an ergonomic chair, he's basically a team of one. "We're still staffing up in here," he says, waving a long arm toward a room of vacant cubicles. Actually, McMillen has no plans to hire anybody. There wouldn't be much to do anyway. So how does someone raise millions in the public market with nothing more than a vague pledge to buy something? The answer to that question stretches back to 1972. "I was very young, 20 years old," he says. He was playing for the US basketball team at the Munich Olympics when 11 Israeli athletes were taken hostage by Palestinian terrorists. All of the hostages died, two in their room, the rest in a bungled rescue attempt at the airport. "At the time I said to myself, it won't be long before this comes to America," McMillen recalls. "It took 30 years." During that time, he says, as Europe and Israel began fostering strategies to defend themselves against terror, the US failed to develop the mentality - or technology - to protect its citizens. After 9/11, McMillen decided it was time to suit up. Fortress America is one of three ventures he founded to capitalize on a society increasingly preoccupied with disaster. Global Secure, which he helped start in 2003 by combining three smaller companies that sell first-responder training, technology, and equipment, filed for a $100 million IPO in August. (McMillen now has no official role with the company but remains one of its largest shareholders.) The company's prospectus says it anticipates more than $15 billion in federal spending in the "critical incident response marketplace" in the next year. In August, McMillen took over a company called Celerity Systems, turned it into a Fortress America-style outfit focusing on acquiring startups for less than $30 million, and promptly renamed it Homeland Security Capital. To run Fortress America, McMillen, a Democrat, has assembled a team of advisers that includes former Republican senator Don Nickles and former Republican representative Asa Hutchinson, who also served as an undersecretary at the Department of Homeland Security for two years. About $40 million of the IPO money sits in an escrow account, while McMillen and the company's CEO, a tech industry veteran named Harvey Weiss, sift through acquisition targets. "There were probably a thousand new companies on September 12 that didn't exist on September 10, repackaging what they knew as an antiterrorist or homeland security initiative," says Weiss. "A lot of those failed. But the government has spent a lot of money in research and development, giving very bright PhDs and laboratories a lot of dollars to develop new things quickly." McMillen and Weiss aren't the only ones combing the homeland security landscape. In fact, Fortress America isn't even the only blank check corporation in the building. Richard Clarke, former counterterrorism czar and author of Against All Enemies: Inside America's War on Terror, has a firm called Good Harbor Partners that's headquartered eight floors down. Clarke is taking Good Harbor public even though, like Fortress America, it's little more than a promise to be a holding company. The firm's prospectus says it plans to use its cash to acquire a firm that specializes in areas like "threat management, crisis management, and risk mitigation." Welcome to the homeland security industrial complex, a world where doomsday scenarios double as marketing pitches, patriotism mingles with capitalism, and the spoils go to whoever can placate a skittish society. "The best thing that will happen is that we will never have a nuclear event in the United States, never have a sarin gas event," Weiss says. "But do you know how much money is going to be spent" preparing for such events? "It's only a matter of time before someone finds something bad in a container coming through the port of Baltimore, Charleston, or Long Beach." A decade ago, optimism about how technology would connect the planet, reinvent commerce, and revolutionize society gave rise to the dotcom boom. When optimism turned into fevered speculation, the economy crashed. Now another mania is taking hold. It's predicated on fear and funded by a drive to defend against, prepare for, and recover from perils both man-made and natural, real and imagined. For every nightmare scenario - a nuclear weapon in a shipping container, a suicide bomber in the subway, an avian flu pandemic, another killer hurricane - there are entrepreneurs and venture capitalists and consultants promising to help. And the government is ready to spend money to confront these problems - or at least to look like it's doing so. Feature: Fear, Inc. Plus: Profits of Doom The industry, sparked by 9/11 and fueled by devastation in Bali, Madrid, London, and now New Orleans, is centered inside the Beltway but reaches out across the country to government labs, corporate boardrooms, city councils, and inventors' garages. Businesses from small tech startups to huge defense contractors are selling everything from biometrics and data backup to cryptography, vaccines, and every type of WMD sensor or explosive sniffer imaginable. Unsettling times are boom times. The government is spending billions of dollars subsidizing R&D for technologies that both threaten privacy, like video surveillance and data mining, and those that protect it, like encryption, network security, and anonymization applications. VCs and Wall Street are spending billions more. Private corporations, increasingly concerned for the safety of their operations and data (think about those empty office towers in downtown New Orleans) have joined the security frenzy. Spending projections echo the dotcom predictions that once poured forth so liberally from research firms like Forrester and Jupiter: a $400 million-security sensor market for 2005; an $800 million video analysis market by 2009; $10 billion for biometrics and $36 billion for physical security technology (such as body armor and explosives screening) by 2007. The industry is thought to be worth up to $200 billion today. Dotcommers once excited prospective investors by touting the potential of ubiquitous connectivity. "Imagine a world where ... ," the refrain began. Players in the security industry usually preface their pitches with "God forbid that ... ," and close with a call for government money to prevent this or that inevitable catastrophe. "In a perfect world it would be nice not to have to spend these dollars," McMillen says. "There are very few industries that have a constitutional imperative. It doesn't say in the preamble to provide for health care, to provide for welfare, to provide for education. But it does say to provide for the common defense." For the leaders of the disaster economy, this is a chance to mix business with service to country. But make no mistake - business is business. "This is not a green movement," McMillen says. "Most people look at it a little more dispassionately." In the disaster economy, all roads lead to the federal government, which is spending liberally on massive initiatives, from the $5.6 billion Project BioShield, launched last year to procure bioweapon vaccines and treatments, to $172 million to protect the food supply and the $6 billion to $10 billion for the purchase of avian flu meds. Much of the money is tangled in red tape - biodefense companies complain that Project BioShield is plagued by delays - but the sums that escape amount to a massive injection of capital. The Department of Homeland Security, created in 2002 in response to 9/11, has a $49.9 billion budget, of which $9.5 billion is considered "actionable for the private sector," according to a report from DC analyst firm Civitas Group. That makes DHS the single biggest funder of disaster-related technologies, awarding contracts ranging from a $244,000 project to design an "underwater loud-hailer," intended to warn divers who are approaching restricted areas, to a $10 billion immigration data and biometrics system called US-Visit. The department's Science and Technology Directorate, the hub of the government's homeland security R&D efforts, occupies two floors of an office building in downtown Washington. A mishmash of subdepartments and programs, including the Homeland Security Advanced Research Projects Agency (or Hsarpa, a conceptual cousin of the Pentagon's Darpa), the directorate will dole out $1.4 billion in R&D money next year. For anyone seeking cash to build a homeland security widget, this is the place. In a generic conference room, three of the department's directors sit down with me to explain how the money gets dispensed. "The true source of innovation is the private sector," says Peter Miller, acting director of Hsarpa's Mission Support Office. Miller says that Hsarpa is inundated with companies responding to proposal requests or simply offering up their own security products. "People are really thinking," Miller says. "The innovation is there." The directorate's budget has jumped 13 percent for 2006, reflecting a growing DHS emphasis on private technology development. "We don't make things," says Jane Alexander, Hsarpa's deputy director. "If it doesn't come from industry, we are not going to be able to get it." When a disaster like Katrina exposes flaws in the government's response, it creates even more opportunities for technology. Finding federal dollars for your $150 million robotic levee may prove considerably easier now than it would have been in the past. In selecting investments, Miller and his colleagues start with what they consider the most urgent threats and try to establish whether technologies can be quickly developed to mitigate them. The final products generally need to be cheap enough to attract the largest buyers of security goods: state and local governments. They can spend federal grant money on interoperable communications - or, says Richard Clarke, waste it on "bullet-proof vests for canine-unit dogs." Because the Science and Technology Directorate has little authority to mandate that government agencies adopt its investments, it operates more like a VC firm than a traditional national security R&D lab. It places wagers on almost-there technology that it hopes the public sector will embrace - and it leaves blue-sky research to others. "We're not into the idea of just raising the level of science because science is beautiful," Alexander says. "We want deliverables." "Homeland security is too important to be left tothe government," says retired lieutenant general Ken Minihan. That might as well be the slogan for the Paladin Capital Group. Minihan, a former director of the National Security Agency who earned a bronze star in Vietnam, offers up the phrase shortly after I meet him in the VC firm's offices, four blocks from the White House. Homeland security, he continues, "is where you live; it's where you work." Venture capitalists are following the government money into this world of eternal vigilance, looking for smart bets among the thousands of security-related tech firms. Paladin raised a $235 million fund last year devoted entirely to small to medium-size companies that help "prevent, defend, cope, and recover" from disaster. That covers everything from network protection to alternative energy. The fund's portfolio includes 14 companies developing technologies like "millimeter wave" screening machines that see through clothes, software that runs emergency operations centers (including one in post-Katrina New Orleans), and a silver-based substance that kills bacteria. Each week, 10 to 20 potential investments walk through the door. "I've been in private equity since the early '90s," says Michael Steed, Paladin's managing director, "and I've never seen a sustained deal flow like this." Feature: Fear, Inc. Plus: Profits of Doom Paladin may be the highest-profile VC firm in DC - the Kleiner Perkins of homeland security - but it's hardly alone. Other defense-oriented venture firms, like the powerful Carlyle Group and the CIA's own In-Q-Tel, are joined by the West Coast VC firms more commonly associated with Internet and biotech startups. "Every fund is seeing how big the trough is and asking, How do I get a piece of that action?" says Roger Novak of Novak Biddle Venture Partners, a Bethesda, Maryland, firm that invests heavily in homeland security startups. "When the IT industry shut down, post-bubble, guess who had all the money? The government." Getting a piece of that money takes more than a good business plan. It requires knowledge of policy and access to government decisionmakers - whether members of Congress who oversee budget allocations or Hsarpa managers who hand out contracts. Which is why Paladin employs a cast of former government heavyweights, including Minihan from the NSA; James Woolsey, a former director of central intelligence; and H. Lee Buchanan, a former deputy director of Darpa. "The complexity here is understanding the government's business model, where the money is," Minihan says. Fortress America is also backed by extensive political contacts. "We can make a good strategic introduction to any elected official in the United States," boasts Weiss, "from the president to every governor and mayor in the country, or any major defense contractor." Government money is notoriously flighty - commonly a victim of budget cuts, always chasing after the latest panic - and so homeland security VCs talk about dual-use investments. "They have to have customers on the commercial side and on the government side," says Steed. One Paladin company, SafeView, has sold millimeter-wave screening machines to airports and the Army, for example, but anticipates selling thousands more to prisons, courthouses, and office buildings. Because the private sector owns as much as 90 percent of the critical infrastructure in the US, VCs are betting that pressure from both the government and insurance companies for more security spending will continue. After all, says Jonathan Silver, managing director at Washington-based VC firm Core Capital Partners, "We only inspect 2 percent of the containers that come into the country. It's not like the problem has been solved." "Business incubator" - the phrase evokes Silicon Valley, circa 1998, a bland office park housing 18 startups in various stages of development, all hoping to hit it big in a fledgling market. Move the building from Palo Alto to a leafy commercial district outside of Annapolis, Maryland, and you have the Chesapeake Innovation Center, "America's first business incubator focused on homeland and national security." There's no talk at CIC about dotcom this or e-that, no scooters racing down the hallway or foosball tournaments in the break room. Here it's all about security. Mysterious figures come and go, declining to offer a name or a business card. And companies in "stealth mode" are just as likely to be hiding their ideas from terrorists as from competitors. "We're not just trying to make money here," says CEO John Elstner. "We're trying to create a mechanism for technologies that will help save our children from a bunch of wackos." CIC hosts a diverse roster of startups. Moozatech, a security assessment company founded by a former Israeli intelligence agent, has its one-room headquarters here, not far from a three-person outfit that's developing network monitoring technology started at the NSA and "based on thermodynamic principles." Upstairs are the offices of Red Cell Associates, a firm founded by James Liddy, a former Navy SEAL and the son of G. Gordon Liddy. On the bottom floor, PharmAthene, the largest of CIC's companies, is working on potential treatments for anthrax and nerve gas exposure. Elstner's shop serves as matchmaker, introducing these startups to officials at government agencies like the NSA and to big contractors like Northrop Grumman Entrepreneurs file into the incubator's offices daily, PowerPoint presentations in hand, hoping to get financial support from CIC and piggyback on the company's infrastructure. The real goal, of course, is to score a big contract. How does the incubator choose from among the legions of companies with a security technology and a story? "We don't actually take business plans, because we don't want to read all the bullshit," says Elstner, a former hydrogeologist. "We ask very specific questions about what we want to know." Elstner mostly wants technologies that the government is already interested in. CIC's real customers, he says, "aren't little companies. They are the agencies, the intelligence communities, the military, the prime contractors - the investors that are charged with creating full solutions to the problems associated with homeland security." Combined, CIC's in-house firms have raised more than $100 million in funding. CIC itself is a microcosm of the homeland security industry, where the players are motivated by a mixture of hard cash and higher calling. "We are not celebrating that there is this huge industry blossoming around protecting ourselves from terrorism," Elstner says. The ebullience of the dotcom era is a relic, he adds. "But there is big business going on, and CIC is in the middle of it." On July 7, when US markets opened to the news that four bombs had exploded on the London public transportation system, homeland security-related stocks took off. To cite just two examples, Verint Systems, which makes software for surveillance systems, closed up 12.5 percent, and Viisage, a face-recognition and biometrics firm, climbed 8.4 percent. Over the past four years, homeland security indices like the one managed by Cronus Capital Markets have outpaced the Dow Jones and the Nasdaq. In uncertain times, the companies prosper; in mass panic, their stock prices spike. "People view homeland security as a hedge," Fortress America's McMillen says. "If a Stinger missile is shot at a plane in this country and the president has to shut the [airline] grid down, most of the market will come crashing down except for these homeland security stocks." The disaster industry can already claim its share of flashy IPOs: Fingerprint-recognition company Cogent Systems raised $229 million on the Nasdaq last year; shares jumped 50 percent on opening day. But going public is only one exit strategy. The largest defense contractors, like Lockheed Martin, Boeing, and Northrup Grumman, together with systems integrators like L-3 Communications, Unisys, Computer Sciences, and SAIC, are all busy scouting homeland security-related acquisition targets. These are the Microsofts and HPs of the disaster economy. They know how to squeeze money out of fixed-margin contracts, and they have employees with the proper security clearances to do sensitive work. "We look at the changing budgets for defense- and space-related activities," says Gordon McElroy, VP of Lockheed Martin's Intelligence and Homeland Security Systems division. "The growth engine is going to be in homeland security and law enforcement." Feature: Fear, Inc. Plus: Profits of Doom The big players, accustomed to billion-dollar contracts for fighter jets and satellites, are adapting to a world where money trickles out in smaller increments. In August, Lockheed Martin was awarded a $212 million contract with New York City's Metropolitan Transportation Authority to create a command-and-control security network featuring thousands of cameras and sensors. Boeing has its own lineup of homeland security contracts, including one for hundreds of millions to improve airport screening efficiency and to design next-generation cargo containers. Even failed projects can be lucrative: Earlier this year, the FBI scrapped an information-sharing system built by SAIC after spending $170 million over nearly four years. SAIC - which has hundreds of millions in other port security and IT integration contracts - recently filed for a $1.7 billion IPO. Its prospectus noted succinctly that government spending since 9/11 has had "a favorable impact" on business. The contractors often hand off bite-size subcontracts to smaller players. As part of the MTA project, for example, Lockheed Martin will subcontract a technology designed to detect a suspicious person or package in a restricted area. There are dozens of companies to choose from. In other cases, the big companies merely buy one or more of the tech startups that, in effect, serve as secondary R&D labs. In 2004, General Electric capped off a homeland security spending spree by acquiring the baggage screening company InVision for about $900 million. Four months later, the giant data aggregator Lexis/Nexis acquired Seisint, a data analysis firm that had a number of homeland security projects underway. (The deal has since been marred by privacy and data theft concerns.) At least a dozen $50 million-plus homeland security acquisitions have closed in the past two years alone. Judy Marks, Lockheed Martin's president of Transportation and Security Solutions, says this type of dealmaking will drive innovation. "There are threats we can imagine that will spawn technologies we haven't even thought of," she says. There's little fear in the industry that government spending will abate any time soon. If anything, insiders insist, the government is in catch-up mode. Washington may be a squabbling, partisan bureaucracy, but there is one thing that politicians can agree on: It's important to look tough on disasters. No elected representative wants to be seen as having rejected funding for the prevention of a catastrophic event that actually occurs. "We are in year four," says Scott Greiper, a global security analyst at the investment bank CE Unterberg-Towbin, referring to an industry calendar that begins on 9/11, "but we are on the 10-yard line when it comes to the money that has to be spent." The 10-yard line. It's a familiar metaphor, echoing the old "first inning of the Internet" mantra that was so common in the late '90s. To entrepreneurs, it's a clarion call, beckoning them to pack up their ideas and bring them to Washington in search of funding. Some of those ideas are a waste of resources, opportunistic bids for government pork. Some may even be dangerous distractions from real problems. Others represent innovation at its best, offering us protection from the next disaster. In a frenzy, it can be tough to know which is which. "I have a stereotypical startup's office," says Chris Sleat, the CEO of Realinterface, a medical software company that occupies a sunny corner of the Chesapeake Innovation Center. "It's a shit hole." On the floor, books like the Physicians' Desk Reference Guide to Biological and Chemical Warfare Response lie next to copies of Bio-IT World and piles of cables, monitors, and bills. The 38-year-old - a successful dotcom era veteran - founded Realinterface in 2003 to commercialize a software program to help hospitals find and register patients for clinical studies. Several university hospitals bought the technology, and one day a doctor suggested to Sleat that the same techniques could be used by first responders to determine whether a patient's symptoms indicated a bioterror agent. "He told me their EMTs wouldn't know smallpox if it sat on their shoulder," Sleat recalls. So Sleat and his 11 employees developed an application for EMTs, called ThreatScreen. Last year the company bagged its first contract, with the state of Mississippi for $1.2 million. It's a simple tool, Sleat says, but it could head off a catastrophe. "Domestic terrorists distilling castor beans into ricin," he says, "are not going to make it in approved labs and transport it in airtight containers. So there are tremendous opportunities to get them at the source, when they accidentally infect Reggie at the 7-Eleven." Sleat is philosophical about his own entry into the save-society market, and the thousands of startups around the country doing the same. The homeland security industry "has been kind of like, 'I have an electric toothbrush. Can I make it the homeland security toothbrush?'" he says, adopting his best infomercial voice as we walk to the break room. "A lot of people are kind of glomming on to this market," he adds, laughing as he pours himself a cup of coffee. "That's capitalism." Contributing editor Evan Ratliff ([EMAIL PROTECTED]), coauthor of Safe: The Race to Protect Ourselves in a Newly Dangerous World, wrote about intelligent design in issue 12.10. You are a subscribed member of the infowarrior list. Visit www.infowarrior.org for list information or to unsubscribe. This message may be redistributed freely in its entirety. Any and all copyrights appearing in list messages are maintained by their respective owners.