Cybersecurity is fast becoming good business for K Street.
The question of how the country should defend against online threats has received increased attention from Congress and from President Obama, who took executive action last month to try and prevent attacks on the country’s networks.
Robert Efrus, a long-time Washington hand, is one of many lobbyists working the issue.
“It is a growing niche on K Street,” Efrus said. “I think there are a lot of new players that are seeing action with the executive order and legislation being on worked in Congress, not forgetting the funding opportunities. A lot of tech lobbyists have upped their involvement in cyber for sure.”
Efrus was a vice president at the K Street giant Van Scoyoc Associates for 10 years, before starting his own firm, Efrus Federal Advisors, on Jan. 1. He has registered eight clients since then, primarily software companies like the security firm Symantec, records show.
“From a lobbying perspective, with everything else going south, this is one of the few positive developments in the whole federal policy arena,” said Efrus, who worked at NASA and on Capitol Hill for former Sen. Paul Trible (R-Va.).
It’s not just tech companies that are concerned about cybersecurity. Companies that run critical infrastructure in banking, energy and transportation are facing increased demands from the government to bolster their security.
“Financial services, telecommunications, transportation — all these industries are concerned about cybersecurity. They are all registering to lobby on it too,” said Matt Tanielian, co-founder of the Franklin Square Group. “It is not just a technology issue anymore.”
Tanielian said his firm gets questions from all its clients on the issue. Franklin Square Group even signed up a new client last August — Salesforce.com, a San Francisco-based cloud computing company — that wants help keeping tabs on cybersecurity developments, according to records.
Lobbyists note that cybersecurity is one of the few areas where budget-conscious lawmakers are looking to spend.
In a funding resolution passed on Wednesday, the House gave greater flexibility to the Homeland Security Department on how to spend more than $1.1 billion in cybersecurity funds, including $218 million to help pay for “continuous monitoring” of federal computer networks and other activities.
“It demonstrates significant commitment from the administration and Congress to beefing up our cyber defenses,” Efrus said. “In a [continuing resolution] budget, it’s a big deal.”
Others on K Street predicted that federal money is on the table.
“A lot of localities and towns are looking for cybersecurity grants,” said Al Thompson, a principal at Mehlman Vogel Castagnetti. “The Pentagon sees a need for a greater focus on cyber, and of course the resources will follow that.”
Cybersecurity moved to the top of the agenda in the business world last month when security firm Mandiant accused the Chinese military of stealing trade secrets.
Those allegations could push lawmakers into taking action. The House and Senate failed to agree on cybersecurity legislation last year, but both chambers have renewed their efforts in the new Congress.
The House Homeland Security Committee had planned to hold a hearing on cybersecurity on Wednesday, but the event was postponed due to the inclement weather. Lobbyists had planned to help fill the hearing room, but will have to settle for Thursday’s joint hearing of the Senate Commerce and Homeland Security panels.
Thompson, who was one of the first aides to work for the House Homeland Security Committee, said a growing number of congressional committees are taking an interest in cybersecurity.
“Cyber probably takes up the bulk of my time now over the past year,” Thompson said. “It was once cap and trade. Now all I do for our energy clients is cyber.”
Rapid7 Inc., a Boston-based company that assesses cybersecurity threats, hired Thompson’s firm last year to keep track of cybersecurity legislation.
Elizabeth Frazee, co-founder of TwinLogic Strategies, said the House Energy and Commerce as well as Judiciary Committee could take an interest in cyber protections. She noted companies are seeking liability protections from the government if they share their data with federal authorities or with each other.
“They feel they need to be given an exemption from that liability,” Frazee said. “That’s where the Judiciary Committee comes into play.”
The White House has put the spotlight on cybersecurity with Obama’s executive order. The directive is designed to improve information-sharing between government and companies while creating a set of voluntary guidelines for critical infrastructure firms to improve their own cybersecurity.
Senior Obama administration officials traveled to San Francisco last week for the RSA Conference to encourage collaboration with industry on network protections. The White House has also been adamant that the order can only do so much, and that comprehensive legislation is needed to prevent a damaging cyberattack.
The U.S. Chamber of Commerce has voiced concerns about the executive order. The business group has pushed back against what it calls potentially burdensome regulations and helped defeat cybersecurity legislation in the Senate late last year.
“There is a typical push-pull between the need to protect and whether this is too burdensome,” Frazee said. “Should the approach be top-down regulations, or should the private sector be given room to protect itself and customers?”
Another issue in the mix is privacy. The American Civil Liberties Union (ACLU) has been vocal about the need for privacy protections as the government looks to collect more information about online threats.
The civil-rights group favors the approach taken by Obama’s executive order and has been critical of cybersecurity legislation introduced this year, such as the Cyber Intelligence Sharing and Protection Act.
“We do oppose the expansion of information-sharing to private user information, creating a free-for-all, under the rubric of cybersecurity,” said Michelle Richardson, legislative counsel at the ACLU, who was scheduled to testify before the House Homeland Security Committee on Wednesday.
Lobbyists said Washington would continue to focus on cybersecurity even if legislation is passed this year.
“This is just one fix along the road to what will to have be many fixes as the threats continue to evolve,” said Tanielian with Franklin Square Group.
Jennifer Martinez contributed to this report.