The National Security Agency spends a significant portion of its budget on cybersecurity technologies, but it's currently falling behind its target for small-business utilization, according to Jennifer Walsmith, senior acquisition executive at the NSA. The agency is "working diligently" to meet its goal, she added.

The NSA's goal is to award 25 percent of prime contract dollars to small businesses, but as of June 30, 2011, the agency was at 17.33 percent, she said during a July 25 field hearing in Laurel, Md. held by the Senate Small Business and Entrepreneurship committee.

Agencies have several programs to help maximize opportunities for small, minority and disadvantaged businesses competing for contracts, but small businesses represented at the hearing said those efforts are not enough.

"A significant gap exists between entrepreneurs creating viable early-stage companies and viable small businesses capable of bringing technology-based products to the marketplace," said Sarah Djamshidi, executive director of the Chesapeake Innovation Center, a business incubator located in Annapolis, Md.

A shortage of cybersecurity professionals, inadequate seed funding and the complexity of navigating the government contract process make it difficult for small business to win cybersecurity contracts, Djamshidi added.

A Largo, Md.-based business owner made the case, before the Senate panel, for legislation that would give small businesses preference specifically for federal cybersecurity contracts.

"It's been a fight," Charles Iheagwara, chief marketing officer at Unatek said, according to the Gazette. His company has had mixed results with federal and state contracting. After bidding 50 state contracts Unatek has won none, but has won eight federal contracts--seven of which were prime, Iheagwara said during his testimony.

"Small business is a key engine for innovation in the field of cybersecurity," said Patrick Gallagher, director of the National Institute of Standards and Technology. He emphasized the unique benefits of small business partnerships by noting their niche focus and start-up mentalities.

"Small business provides critical technical competencies in cutting-edge IT security tools, techniques and test capabilities that permit NIST to leverage their expertise in integrating cybersecurity standards and safeguards into some of our Nation's most critical initiatives, including the development of a secure and interoperable Smart Grid, the adoption of Health Information Technology, and the advancement of automated security vulnerability, asset, and configuration management," he added.

For more:
- see the hearing page (prepared testimonies)

Related Articles:
Disconnect exists between cybersecurity workforce needs and outreach 
Marrying cybersecurity education and agency needs a challenge
OPM, NICE work to define cybersecurity workforce problems