Due to new cybersecurity requirements for government contractors, smaller entities have expressed concern over their ability to compete for government business. The argument is that the government is overlooking potential cybersecurity solutions in the tech startup community. During a recent House Small Business Committee Hearing: Foreign Cyber Threats: Small Business, Big Target, lawmakers explained that the Small Business Administration needs to assist small businesses in “overcoming regulatory hurdles created by new cyber rules” and that small businesses can “better supply the government with innovative technology without getting bogged down by regulation,” according to a recent Inside Cybersecurity article.
In May, the General Services Administration and the Pentagon issued new regulations for government contractors that store or send unclassified sensitive government data. However, opponents of the measure argue that because of these new rules, small businesses are unable to enter the contractor marketplace, causing the government to miss out on innovative cybersecurity opportunities. Members of the committee disagree, claiming that if a business is not able to comply, they cannot be eligible to compete for business. It is clear that small businesses often lack the resources and expertise to prepare for and respond to cyberattacks. However, the question remains: are these cyber regulations hindering the government from better cybersecurity solutions or should organizations of all sizes be held to the same cybersecurity standards and regulations?