Infrastruct lands $4m to expand in Houston

Specializing in critical infrastructure, integrator starts with security vulnerability assessments
Thursday, August 10, 2006

HOUSTON--Just five years after selling Engineered Protection Services to Sonitrol, much of EPS's management team are back on board with Infrastruct Security, which on July 1 landed $4 million in venture capital to help build out a central response center here and increase its push into the critical infrastructure protection market.
Andrew Wray, Infrastruct's vice president of marketing and business development, said he, president and chief executive officer Daniel Weiss, and a few others sold to Sonitrol in 2001, spent a year working under the new ownership, and then left to spend two years out of the business, abiding by a non-compete covenant. Weiss then founded General Cabling, learning the business of structured cabling as he looked to the future of the IP and physical security convergence. When the covenant wore off, back General Cabling and Security came into the marketplace, changing its name recently to reflect a new focus on critical infrastructure.
With GC&S, "We were marrying IT convergence products with security," said Wray, "getting ahead of the market direction, so we'd be in position to reenter the marketplace with this forward-thinking business plan.
"Then we saw that there's another convergence going on with these critical infrastructure products."
As these facilities--petrochemical plants, power plants, dams--were taking stock of their security in a post-9/11 landscape, they were increasingly hiring one security professional to do a security vulnerability assessment, or SVA, then hiring another to design and install a security system to mitigate those vulnerabilities. Infrastruct combines those two professional skills.
This comes just as the federal government is mandating that certain private pieces of critical infrastructure--notably, chemical plants, as outlined in a recently passed bill--be held to DHS standards for vulnerability assessments, systems to address those vulnerabilities, and tests of those systems.
"I recently went to a chemical security summit," Wray said, "and I heard a lot of confusion coming out of the government about how they're going to identify risks and perform live simulated action to determine if the mitigation strategies worked ... They're very optimistic to say they can have a complete SVA in a few days. You're talking about having high-level guys in major organizations essentially wait for the cable guy to show up." Infrastruct is banking that private industry would rather hire their own DHS-approved firms to do the SVAs and get their security systems approved on a shorter timetable.
Wray acknowledges the conflict of interest inherent in the same company performing a SVA as designing and installing the mitigation. However, he said the integration portion of the business is seen as a separate business unit and "they would be free to take that SVA to another integrator." But, because of the rigors of the SVA-training process, in Texas done through the Texas A&M extension program, "any company that comes in should find the same gaps and offer the same minimal or extravagant solution.
The next step is monitoring that solution, and to that end Infrastruct will have a center ready by December. The goal is to do all the monitoring of the systems they install, but there is also capacity for some third-party monitoring. That will be something, along with virtual guarding services, that Infrastruct considers in the near future, Wray said.