- Cybersecurity technologies (protecting networks from attack and preventing unauthorized access to data)
- Physical access and identification technologies
Both public and private sector organizations have increasingly complex cybersecurity and physical security technology requirements. These requirements include network security, protection of data and physical assets, security compliance, risk management, identity and access management (e.g., through biometrics, smart cards, tokens, and authentication and authorization technologies), detecting and addressing insider threats, and training. The expertise required in this field includes development of security technology, data analytics, technology policies and governance, and technology implementation. A security technology industry has emerged to fill these needs, spanning small startups to large established technology and security firms.
The public and private markets for security technology have been growing as a result of the increasing amount of sensitive data being used in government and business functions, the increase of objects connected to the Internet of Things, an uptick in high-profile data breaches at public and private organizations, and the use of new IT systems in federal offices. The federal information security market alone is expected to grow from $7.8 billion in FY15 to $10 billion in FY20 at an annual growth rate of 5.2%.1 The DC metro area had 27,246 cybersecurity job postings in 2015, far outpacing the next two markets (New York at 17,982 and Silicon Valley at 13,869).2 Cybersecurity specialists also commanded an annual salary premium of about $6,500 compared to others in the IT sector.3
Example Industries and Businesses
- Threat monitoring and detection
- Incident response
- Insider threat detection
- Digital identification
- Physical identification (e.g. biometrics)
Example Worker Specialties and Skills
- Engineering and computer science
- Post-secondary education
- IT support
- Business administration and development (e.g. sales)
- Computer user support specialists
DC’s Comparative Advantages
Based on our analysis and stakeholder interviews, DC has the following comparative advantages:
Proximity to Federal Government Agencies with Leading Security Capabilities
The DC metro area is home to national security, defense, and intelligence federal agencies with security technology needs such as U.S. Cyber Command and the Defense Information Systems Agency, as well as civilian agencies with massive amounts of sensitive data to protect, like the Internal Revenue Service. This creates a natural base of customer demand for security technology, enabling the growth of other technology firms in DC, particularly contractors, startups, and research groups.4 This demand has created a workforce with expertise in cybersecurity and other security technology, including federal employees, government contractors, and those working for innovative, data-driven security technology firms. DC also has a workforce with significant policy and legal expertise in security technology. As security requirements for government become increasingly complex and stringent, there is a competitive advantage to those that can understand these requirements, and DC firms’ proximity to the customers give them an advantage in being able to more quickly adapt to changing requirements. The size of the federal market and the cross-sector applicability of certain security technology solutions (e.g. biometrics) also means that the security solutions developed for the government have the potential to set and shape industry standards for the private sector. These regional advantages have led major Silicon Valley security technology players to open DC metro offices, both to cater to the region’s strong market and to hire from the local talent pool.
Strong Regional Ecosystem of Small Businesses, Entrepreneurs, and Federal Research Labs
Demand in the federal cybersecurity market has resulted in the emergence of a regional start-up and technology transfer cluster that pioneers technology with significant promise to shape the industry. Between 2011 and 2014, three major DC-area cybersecurity companies (NetWitness, SourceFire and Mandiant) were acquired for a total of $4.1 billion.5 These companies focus on a variety of issues across the security technology space, ranging from cyber threat prevention, employee training, and measurement and reporting. A majority of the region’s security technology startups are located outside of the District, with an especially high concentration in Virginia.6 The growth of this ecosystem has been helped by regional accelerators such as the Center for Innovative Technology and Mach37.
Activating this Opportunity Area
Based on our analysis of this sector and stakeholder interviews, the following actions could help develop this opportunity area:
Creating a Region-Wide Security Technology Network
Given the high concentration of security technology companies in the region, DC could work with Maryland and Virginia to create a stronger regional network, strengthening the resources available for existing security technology entrepreneurs and recruiting new players. This will help the region address rising competition from cities and regions such as Silicon Valley, Austin, and San Antonio. DC specifically can build on its policy and legal expertise by incubating and attracting companies focused on technology development, increasing the region’s security technology footprint. This could be done in concert with the research institutions and universities in DC. Furthermore, Washington, DC’s status as the nation’s capital and center for security and defense can help promote this network as an internationally known brand.
Supporting Government Contracting
Stakeholders reflected that while many regional entrepreneurs and small businesses have been driving breakthroughs in the security technology space, many have faced challenges in navigating the federal contracting landscape. DC has an opportunity to support these organizations and help them scale by continuing to link them to contracting expertise (e.g., companies that have gone through similar processes), thereby tapping on the local knowledge base of navigating the federal government procurement process. This could mean raising awareness of the Procurement Technical Assistance Center (P-TAC) at the Department of Small and Local Business Development, and potentially also enhancing the program.
Facilitating Technology Transfer
Stakeholders discussed security technology opportunities related to the local and regional presence of several federal research labs and large research universities. Specifically, DC can grow its security technology industry by facilitating technology transfer, helping these research centers navigate the process of commercializing innovative developments.
- “Federal Information Security Market, 2015-2020”. GovWin IQ from Deltek. October 2015.
- Burning Glass. Job Market Intelligence: Cybersecurity Jobs, 2015. Burning Glass, 2015. <http://burning-glass.com/wp-content/uploads/Cybersecurity_Jobs_Report_2015.pdf>.
- “Federal Information Security Market, 2015-2020”. GovWin IQ from Deltek. October 2015. and Monitor Deloitte Monitor Federal Market Assessment. March 2016.
- Bing, Chris. “How Cybersecurity Came to Dominate DC Tech.” DC Inno. 8 June 2015. <http://dcinno.streetwise.co/2015/06/08/washington-dc-cybersecurity-tech-companies-are-on-the-rise/>
- Bing, Chris. “7 DC-Area Cybersecurity Startups to Watch.” DC Inno. 21 April 2015. <http://dcinno.streetwise.co/2015/04/21/top-cybersecurity-tech-startups-in-dc-virginia-maryland/>