As federal spending on national security has leveled off in recent years, big defense contractors have worked hard to secure a role in one of the few market segments expected to keep growing: cyberwarfare. It’s a relatively new field where the terminology hasn’t stabilized yet, but for the purposes of this posting, cyberwarfare means three things: attacking enemy networks, exploiting enemy information flows, and defending friendly networks. Most of the money Washington is currently spending on cyberwarfare goes to the latter activity — securing friendly networks — but offensive activities seem to be growing faster over time. They’re really just different sides of the same coin, since it’s hard to be good at defending computer networks if you don’t have a thorough understanding of how to attack them.
The cyber goldrush was sparked in 2008 when President Bush signed two directives establishing a Comprehensive National Cybersecurity Initiative in response to the growing number of digital assaults on federal networks. The initiative was a signal to industry that a new demand driver had appeared in the marketplace just as everyone was getting ready for a prolonged downturn in military purchases. Seeing few other domestic opportunities on which to place bets with the cash they had accumulated during flush years, military contractors poured into the cyberwarfare field, building operations centers, purchasing niche players, and competing aggressively for contracts. The thinking was that cyber threats would keep proliferating for the foreseeable future, and defense companies were more likely to have the necessary clearances and market knowledge to compete in cyberwarfare than outsiders like Google or Microsoft.