Maryland recently enacted two new cybersecurity industry tax credits — good news for Maryland’s cybersecurity industry and also an example of how a business-oriented group can turn advocacy into results.
The first tax credit will promote investment in Maryland’s cybersecurity product companies by providing a credit for individuals and entities that invest at least $25,000 in those businesses. The second tax credit encourages small businesses to purchase cybersecurity products or services from Maryland-based businesses, by giving them a tax credit equal to 50 percent of qualified spending. The aggregate amount of the tax credits available for both purposes is $10 million over the next two years.
If you have been paying attention to diverse groups such as The 2030 Group, the Montgomery County Economic Development Corp. and TEDCO, you know that each has been advocating for greater investment in building cybersecurity product companies and encouraging regional businesses to buy local when purchasing technology. They and others have also often pointed out that small businesses are actually the most at risk for cyberattacks, since they often do not have the resources to purchase cybersecurity technologies. Based on this, it shouldn’t be surprising to learn that the creation and promotion of these tax credits results at least in part from strong business community engagement.
Somewhat surprisingly, the Cybersecurity Association of Maryland Inc. led the charge on this legislation. I’ve always found CAMI interesting. It is a not-for-profit that was formed by Art Jacoby to promote the growth of Maryland’s cybersecurity industry. Art formed the group because he saw a need for it; he was an entrepreneur who saw a market need that needed to be filled. CAMI wasn’t formed as a legislative advocacy group. Its mission was to show which companies were growing in Maryland’s cybersecurity industry via its on-line directory of cybersecurity companies and to create opportunities for these companies through business connection events. CAMI’s leadership took a small budget, and, like many entrepreneurs I know, bootstrapped CAMI’s way to relevance.
Talking with Executive Director Stacey Smith, I learned that CAMI had looked at the Maryland cybersecurity legislative landscape and decided to take an entrepreneurial risk. Legislation that would have accomplished many of the objectives of the recently adopted tax credits had languished during last year’s legislative session. Rather than wait for others to advocate for these credits, CAMI decided to take the financial risk of hiring a legislative expert and jumping into the legislative process. CAMI went from connecting members of the cybersecurity industry with one another to connecting these members with legislators.
As is often the case when members of the business community start to speak with a single voice, policy makers paid attention. For example, Guy Guzzone, a Maryland state senator from Howard County, shared with me that CAMI’s engagement in the legislative process was a “very significant” reason why the cybersecurity industry tax credits were adopted on a bipartisan basis.
Smith had worked in the Maryland government before taking on the leadership of CAMI. She sees the tax-credit process as a template for how the region can grow more rapidly. Because cybersecurity is a very fast-moving industry, government policy makers often cannot move quickly enough to keep up.
“What works best is to have a partnership of collaboration between the public and private sector, with the public sector providing some of the resources and connections needed by the private sector while seeking insight from the private sector and relying on the private sector to execute on the plan,” she says.
I see in CAMI’s actions a successful model for how to combine entrepreneurial energy and engagement with the government to achieve a business community objective. It’s another example of how the region’s business leaders can accomplish meaningful changes when they work together.
It also provides an additional lesson of broader application. The overall financial amount of the tax credits — $10 million – is a far smaller amount than dollars made available to attract large businesses. It will be interesting to see over the next two years how many Maryland cybersecurity businesses will benefit from these tax credits. My suspicion is that the number will be significant. There’s no better way than finding new customers to help a business grow – getting financial assistance to find them is a big deal.
Although policymakers will often focus on hunting elephants – searching for the next large company to locate in their jurisdiction – the best solutions are often found in helping the businesses that are already there. Asking them what they need and finding ways to promote their growth is just as important as elephant hunting, if not more so. And it’s usually easier and cheaper to accomplish.