Spy vs. spy

[InfoSec News <isn () C4I ORG>]

http://www.redherring.com/vc/2000/1019/vc-spies101900.html

By Richard Byrne Reilly
Redherring.com, October 19, 2000

If it takes a thief to catch a thief, then it follows that it takes a
spy to catch a spy -- specifically Internet "crackers," those annoying
nerds that are a constant threat to corporate networks.

Enter Jerry Harold and Ken Ammon, two former spooks with the National
Security Agency (NSA). They started Netsec, a managed-security
services provider, in the summer of 1998, and now business is booming.

VCs like what they see. ETrade Venture Capital and Softbank Venture
Capital put $3.8 million into the startup in the past week, bringing
Netsec's total venture capital to $15 million over three rounds of
funding.

Mr. Harold, Netsec's president, and Mr. Ammon, its CEO, met while
working at the NSA. It was there that they decided to launch their
startup. Mr. Harold, who spent 12 years at the Puzzle Palace, still
retains high government security clearances, which goes a long way
toward explaining why they can point to multiple government agencies
as customers.

He and Mr. Ammon have used their considerable connections to ink deals
with such federal bodies as the Department of Defense and the
Department of Justice. The credibility of nailing down those major
customers has enabled Netsec to sign deals with a handful of Fortune
1000 companies. The firm has had revenue coming in from day one,
although it is not yet profitable, Mr. Harold says.

INTRUDER ALERT

The value proposition of Netsec, says Mr. Harold, is obvious. Netsec
provides comprehensive, moderately priced total security solutions,
such as intrusion detection, incident response, and firewall and
virtual private network (VPN) management. Its systems are installed
and operated by highly skilled geeks who at NSA were privy to some of
the world's most potent, and dark, network security secrets.

Netsec has moved aggressively to secure a piece of the hot network
security market, which is expected to grow from $3.5 billion in 1999
to $9 billion by 2004, according to Jordan Klein, an Internet security
analyst with UBS Warburg in New York. Because hackers and others are
constantly cracking security systems, there is a constant need for new
systems, and that won't change, analysts say.

Like Internet Security Systems (Nasdaq: ISSX) (ISS), Netsec is a
managed-security services (MSS) company. For a monthly fee, it
remotely manages a customer's security. MSS is expected to be the
fastest-growing sector in the Internet security industry, says market
researcher International Data Corporation.

Netsec differs from its competitors in that it designs and builds its
own hardware- and software-management systems, and it produces its own
crypto-acceleration cards, Mr. Harold says. The company installs,
monitors, and runs the systems for fees starting at $12,000 per
solution.

GOVERNMENT ADVANTAGE?

But it is precisely those attributes that make UBS Warburg's Mr. Klein
wonder if Netsec is trying to do too much all by itself. And he sees
stiff competition from established telcommunications companies and
Internet service providers who have devised their own security
solutions to thwart nefarious intruders. "You already have companies
that are market leaders who don't need to market their products based
on whether the government is using them," says Mr. Klein.

Besides ISS, Netsec's other competitors include Network Associates
(Nasdaq: NETA), Axent (Nasdaq: AXNT), and a host of others.

With a pointed jab at Mr. Harold's NSA background, Mr. Klein says,
"The product needs to be easy to use and manage -- things the
government doesn't always take into consideration."

Mr. Harold bristles at the remark. "We have a very strong vision of
what we should be doing," he says. "We're not just about sending thugs
up to Canada to beat up a hacker."

Mr. Harold is not shy about discussing some of his previous work, or
even that he's using security skills he learned at the NSA. He spent
most of his career as a linguistics analyst and later worked on
system-penetration teams working to access targeted systems.

A TALE OF TWO CUSTOMERS

Crucial to the success or failure of Netsec is whether it will be able
to meet the demands and needs of both government and businesses, and
whether it can differentiate between the two, says Charles Kolodgy, a
security analyst with IDC and a former NSA staffer himself.

"Security systems at NSA are for security's sake and are not business
oriented," Mr. Kolodgy says. "[Netsec's] key to success? It comes down
to whether people in government can relate to the security of business
needs or not."

Mr. Harold and his 59-member team, 6 of them ex-NSA staffers, aren't
worried. Indeed, Mr. Harold, who declined to provide revenue figures,
or name some of his private-sector clients, says profitability is all
but assured, with that magical day arriving in 2003. Adhering to the
code of secrecy he learned at NSA, he chose not to reveal much about
his company's path to profitability.

And like all crafty spooks, he has an exit strategy. And what might
that be, Mr. Harold? "An IPO," he says.


*==============================================================*
"Communications without intelligence is noise;  Intelligence
without communications is irrelevant." Gen Alfred. M. Gray, USMC
================================================================
C4I.org - Computer Security, & Intelligence - http://www.c4i.org
*==============================================================*

ISN is hosted by SecurityFocus.com
---
To unsubscribe email LISTSERV () SecurityFocus com with a message body of
"SIGNOFF ISN".