Leidos lets go of commercial cyber

Leidos is doing a bit of portfolio shaping by jettisoning its commercial cyber business through a sale to Capgemini.

Terms of the deal were not disclosed and it is expected to close by the end of 2018. About 500 cybersecurity professionals will move to Capgemini.

The company declined to disclose the revenue of the commercial cyber business, but the Washington Business Journal reported in February 2017 that the business had about $100 million in annual revenue.

This move adds Leidos to a list of other government contractors, particularly defense companies that have tried and failed to make commercial cyber an integral part of their business.

“This is certainly not a new trend,” said Angela Heise, president of the Leidos civil group. She also ran the commercial cyber business for two years when it was part of the Lockheed Martin Information Systems and Global Solutions business Leidos acquired in 2016.

“This is something that has been done over and over,” she said.

Often these divestitures have come a few years after the companies made an acquisition of a commercial cyber entity thinking that they could crack the commercial market.

Boeing bought Narus in 2010 and then sold it in 2015 to Symantec. General Dynamics bought Fidelis Security Systems in 2012 and sold it to a private equity group in 2015. Northrop Grumman developed its own commercial cyber arm that became BluVector and sold it in 2017 to a private equity group. ManTech International divested its commercial cyber business in 2015.

In the case of Leidos’ commercial cyber business, it traces its roots back to Lockheed. Heise said that Lockheed was developing its own commercial cyber business and merged it with Industrial Defender when that company was acquired in 2014.

This also is Leidos’ second commercial cyber divestiture. When it still held the Science Applications International Corp. name, it acquired CloudShield Technologies in 2010 and then sold it to LookingGlass Cyber Solutions in 2015.

The one exception -- so far -- is Raytheon, which created a joint venture known as Forcepoint to house commercial cyber work.

So why is commercial cyber so hard for government contractors?

“The commercial cyber market is very disaggregated and that makes the sales cycle and how to do business a lot different that the government market,” Heise said.

The commercial market moves at a different pace and makes demands on the sales force that you don’t generally experience in the government market.

Heise shared a story of going to the annual Gartner cybersecurity conference and seeing hundreds of logos of companies marketing themselves. She went again the following year and saw hundreds of logos of more companies.

“There are so many services and products that are flooding customers and CIOs in the commercial space,” she said. “You have to maintain a really strong sales force that has the relationships with the CIOs and you have to constantly be evolving to react to all the new entrants to that space.”

That is very different from the government space and the way they buy. Leidos has long-term relationships with their government customers through cybersecurity and enterprise IT services, she said.

“The commercial market is different from a buying perspective and a market perspective,” Heise said.

Commercial products are used in the government market, but “there are so many new entries and in the commercial space customers are more open to changing out and trying new things on a more regular basis from a product perspective,” she said.

Leidos is of course keeping a substantial cyber business focused on the government market and highly regulated commercial industries such as utilities and health care, particularly protecting the power grid and hospital networks.

Heise said 1,500 cyber professionals will remain with Leidos. Among their major cyber projects is the Homeland Security Department’s Security Operations Center, a $395 million contract it won in April 2017.

Leidos also continues to provide cybersecurity services for the DISA Global Information Grid through its $4.6 billion GIG Services Management-Operations, or GSM-O. Ironically, that contract was won by Lockheed in 2012 and protested by SAIC, which later became Leidos and the buyer of Lockheed’s IT business.

The divestiture will allow for sole focus on the government market and regulated industry customers, where the company sees a lot of growth opportunities, particularly around enterprise IT and IT modernization, Heise said.

And as the former leader of the commercial cyber business, Heise said she is excited for those employees.

“It is a great move and they’ll have a lot of potential with Capgemini,” she said.