Cyber Eye: Feds should roll out welcome mat to industry
I occasionally get e-mail from frustrated entrepreneurs who read in GCN about some government IT security concern. 'I have a product that will solve this problem, but I don't know whom to talk to,' they usually begin.
I don't know, either, and apparently we are not alone.
Jamie Gorelick, former deputy attorney general and a member of the 9/11 Commission that investigated the 2001 terrorist attacks, recently said the government does not have an effective mechanism for soliciting and screening new products. Meaning if innovative technology companies can't find you, you'll have a hard time finding innovative technologies.
'The federal government is bewildering to people who don't spend a great deal of time with it,' Gorelick said. 'There is an enormous amount of frustration out there. There is a fair amount of frustration within the government as well.'
In its policy pronouncements on IT security, the government emphasizes the need for strong public-private partnerships. This is in part because the private sector owns and operates the bulk of the critical infrastructures on which the nation's security depends. But cooperation is also necessary because government does not have the resources to create from scratch the tools it needs to secure systems.
The government supports some basic research into information assurance, although the President's IT Advisory Committee recently said not enough is being spent. The Defense Advanced Research Projects Agency pursues projects that promise to meet Defense Department needs, and CIA's In-Q-Tel technology incubator provides investments to commercialize new technology. But the budget for the National Science Foundation'the largest source of research support'appears to be shrinking.
For a small company with a smart product, there is no easy way to approach the government. 'The technologies to protect critical infrastructure are well advanced beyond what the government can digest,' Gorelick said. She suggested that agencies take an objective look at the image they present to outsiders and find ways to make themselves more approachable.
Why don't these small companies just reach you through traditional channels such as big integrators? Amit Yoran, the Homeland Security Department's former cybersecurity chief, pointed out that large companies with agency relationships have a vested interest in maintaining the status quo and supporting products they've already sold.
Fortunately, some feds are reaching out. DHS's Office of Small and Disadvantaged Business Utilization sponsors monthly meetings so that vendors can spend 15 minutes with a small business specialist.
A schedule of upcoming meetings is available online. To check it out, go to www.gcn.com and enter 339 in the GCN.com/box. Be warned: The department says spots usually are booked within two minutes of posting.
In addition, the Small Business Administration and Hewlett-Packard Co. now sponsor Business Matchmaking (www.businessmatchmaking.com), a program that brings together government buyers and small businesses.
These are steps in the right direction. Finding cutting-edge solutions shouldn't be such a challenge.