It’s a common trope that government has a lot to learn from Silicon Valley when it comes to technology. But in cybersecurity, Washington is leading the way in many respects.
When federal leaders and lawmakers praise industry’s tech savvy, they're usually talking about innovation, flexibility and speed to market. IT companies aren't burdened by a labyrinthine acquisition process. They can shift quickly when customers want something different, abandon failing efforts and push products out at the lowest cost.
Former Pentagon Chief Information Officer Terry Halvorsen told lawmakers in May he’d vastly prefer to buy commercial tech products than products custom-built for government. Halvorsen’s old boss, former Defense Secretary Ash Carter, launched a Silicon Valley outpost to improve partnerships with top tech entrepreneurs in 2015, which later branched out to Boston and Austin, Texas. Carter’s successor, Defense Secretary James Mattis, praised that center earlier this month, predicting it would “grow in its influence and its impact on the Department of Defense.”
Government will never move as quickly as industry. But in the cybersecurity arena, the cadre of large and small companies serving federal agencies have their own comparative advantage.
The federal government faces the greatest cybersecurity challenge on the planet: hundreds of thousands of potentially vulnerable endpoints -- from phones and laptops to fighter planes and satellite systems. A who’s who of advanced nation state-backed hacking groups are constantly trying to penetrate those endpoints. And government is typically willing to invest both time and money to get security right.