Security Problems

When the stock markets reopened after terrorists struck America’s financial center on Sept. 11, a few investors showed their patriotism by buying shares in such hard-hit companies as airlines and hotel firms.

Others demonstrated a more opportunistic approach: They snapped up stocks in firms selling airport bomb-detection gear, data-recovery services and biometric systems used to verify identities through fingerprints or facial characteristics.

A year later, only the most obvious morning-after plays proved lucrative. The stock price of InVision Technologies Inc., the biggest maker of government-certified bomb scanners, has multiplied tenfold, from $3.04 the week before the attacks to $30.85 on Friday. That jump made Newark, Calif.-based InVision one of the biggest Nasdaq market gainers over the last 12 months.

L-3 Communications Holdings Inc., whose vast product line includes similar bomb-detection equipment, has nearly doubled in market value. Its stock price has soared from $31.50 to $54.95 on the New York Stock Exchange.

But the rest of the security technology field has performed surprisingly poorly in sales, profits and stock prices.

Industry executives and analysts cite a host of reasons for the divergence. Chief among them are the lingering economic doldrums and the stutter-step of getting new mandates and funding from government bureaucracies.

Some of today’s laggards still may reap benefits, said InVision Chief Executive Sergio Magistri, who knows as well as anyone the benefits of patience.

“From a business point of view, Sept. 11 opened up the door for a new space called homeland security,” Magistri said. “Over the next two to four years, we will define this new industry, and we will sort out who is performing and who is not. There will be a constant adjustment, where the market will reward winners.”

For InVision, the aviation-security bills passed by Congress and orders from the federal government have rewarded more than a decade of work.

InVision spun off from a medical equipment maker in 1990 after terrorists bombed Pan Am Flight 103 over Lockerbie, Scotland.

“We saw a need for a better explosive-detection technology, and we saw the right legislative framework in Washington,” Magistri said.

It took four years and a $30-million investment before InVision won federal certification for its car-size computer tomography machines, which use a process similar to hospital CT scanners to check for the outlines and density of all types of explosives inside luggage.

Even after that, the deployment moved in fits and starts. Although the government demanded seven years ago that checked luggage be screened, little money was appropriated and most luggage continued to go unchecked.

Before the attacks, InVision’s biggest challenge was holding on to staff members who were tempted to join technology start-ups during the dot-com boom. That was even tougher as InVision’s sales lost ground after rival L-3 won certification for its machine.

Since Sept. 11, when Congress demanded that airports get more of the machines made by InVision and L-3, the challenge has been keeping up with orders.

InVision has more than doubled its full-time and temporary work force to 478 from 204 and hired a manufacturing contractor as its sales nearly quadrupled in the most recent quarter, to $68.4 million. Profit in the April-to-June period ballooned to $9.6 million from $144,000 a year earlier.

Still, InVision’s dealings with the government haven’t been ideal.

“The delay between the legislation and our first round of orders was two to three months,” Magistri said. “It took another two to three months until we could get to a level where we could push forward with our supply chain.”

In addition, some airports asked for more time to install and incorporate InVision and L-3 machines into their operations. A Senate panel voted Thursday to extend the deadline on luggage screening by a year, until the end of 2003. That sent InVision shares down 12% in a day, to $29.85.

Only slightly less apparent than the need for tighter airport security after the Sept. 11 attacks was the need for better systems to preserve business records in the event of a catastrophe.

Last fall, the leaders in the field were IBM Corp., SunGard Data Systems Inc. and Comdisco Inc., which was in bankruptcy proceedings. The anticipated spike in business prompted a bidding war for Comdisco’s assets between SunGard and Hewlett-Packard Co. SunGard won.

Yet total revenue at the combined business was virtually the same in the first half of 2002 as it had been a year earlier. SunGard shares rose above $35 this spring, but since then they have tumbled, closing Friday at $20.93 on the New York Stock Exchange, about where they were before the attacks.

After a disaster, “there’s almost always a rise in interest and awareness,” said SunGard spokeswoman Judith Eckles. “But that doesn’t always translate into increased business.”

IBM declined to comment on its sales since the terrorist attacks.

Prudential Securities analyst Bryan Keane said disaster-recovery spending will recover. He believes that, in the long term, the business will grow 8% to 10% annually.

If so, that would be a substantial improvement over this last year.

As a percentage of total information technology spending by big companies, disaster expenditures have declined since Sept. 11, according to a Gartner Inc. research study this month that blamed the sour economy.

“Few enterprises have significantly increased their budgets for business continuity,” the Gartner analysts wrote. “An expected increase in spending hasn’t occurred.”

Spending on electronic security also has changed little, and the federal office of cyberspace security imposed no new requirements last week in a long-awaited report.

Some of the greatest expectations--and biggest disappointments--have been at biometrics firms.

Fingerprint reading, the most accepted of the techniques, has made some headway. Identix Inc., a leader in the industry, has more than 100 readers installed at airports that check employees against a law enforcement database. Before the attacks, it had fewer than 20.

But facial recognition systems haven’t been deployed much beyond some controversial airport trials.

Identix bought facial recognition firm Visionics Corp. this year to expand its offerings, but sales have been slipping. Last month, Identix said it expects to lose money at least until next summer.

Identix stock jumped from $3.80 before the terrorist attacks to above $15 but has sunk back to close at $5.77 on Friday in Nasdaq trading.

Company spokesman Meir Kahtan said that deploying biometric technology takes longer than investors expect. First, policymakers must learn about the possibilities and write the laws. Then there are requests for the trials that must be conducted before machines are permanently installed.

“The general population only sees the final implementation,” Kahtan said.

Analysts said there have been important early steps, including a requirement that visas include biometric information starting in 2004 and a test project at the Defense Department that uses biometrics to restrict access to buildings and computerized information.

After the government programs get more momentum, private companies will adopt similar policies, said International Biometric Group partner Raj Nanavati, whose consulting firm sees industry revenue increasing to $603 million this year from $524 million in 2001.

But more dramatic changes will be spurred only by another crisis, many fear.

“It amazes me how the federal government prepares for the last threat,” said analyst Brian Ruttenbur of Morgan Keegan. “We throw all this money at airports, and we’re checking less than 2% of the cargo and trucks coming into the country. We haven’t done anything but study that problem.”

Even L-3 Communications CEO Frank Lanza, whose company has benefited substantially from the focus on aviation, calls the current system a mess.

“There’s no central funding or strategy in this country yet for what we have to protect,” Lanza said. “Until we get a homeland security department with someone competent to run it and a budget to go with, you’re not going to get much happening except fragmented little things. I think it will happen eventually, but it’s going to take a wake-up call again.”