Innovation and technology transition.

Representatives of government and industry shared their perspectives on how innovation might be fostered for both public goods and economic development. 

Karen Jackson, Secretary of Technology for the Commonwealth of Virginia, described the state's economic and innovation environment as an ecosystem of vendors, buyers, and innovators, with particularly strong representation of cybersecurity startups.

From the US Federal level, Dr. Douglas Maughan of the Homeland Security Advanced Research Projects Agency (HSARPA) and the Department of Homeland Security's Science and Technology Directorate, described his organization's missions. Fostering development of cybersecurity solutions figures prominently among those missions. Maughan reviewed a wide range of programs designed to serve that mission, and he encouraged industry engagement. 

He was particularly concerned to emphasize that the DHS S&T cybersecurity portfolio is not a basic research portfolio. It's strongly use-inspired, and has a very tight focus on transition, with many mechanisms in place to foster moving technology not just to users, but to markets. They've worked to develop such transition opportunities through both interagency cooperation and extensive public-private partnerships.

A late-morning panel on securing global commerce and national defense sounded a similar note from an Israeli perspective. Panelists noted that cybersecurity issues have recently become real to decision-makers in both government and industry in ways they hitherto had not. A former concentration on technological solutions has given way to a holistic understanding of the problem as involving risk management, and as having hardware, software, and human dimension. This development the panel saw as entirely positive. Israel's approach to innovation involves a similar commitment to public-private partnership and a particular emphasis on nurturing a healthy start-up environment.

Another panel, this one on investing in cyber security, took up what moderator Merritt Baer called the "tired trope" of the disconnect between Washington and Silicon Valley. (Those are of course metonyms, with "Silicon Valley" now being geographically increasingly inapt, as the Northern Virginians in attendance were quick to point out—a lot of companies thought of as "Silicon Valley" are really "Potomac Valley," or "Chesapeake Bay," or "Front Range," etc.)

There are certainly cultural disconnects, but these can be overcome if both cultures understand that they tend to draw their motivations from different places. Exchange programs between government and industry offer promise. One suggestion from Hala Furst (Cybersecurity and Business Liaison at the US Department of Homeland Security) was that Government users of technology might work to develop a higher risk tolerance for things "not fully baked." This would recognize the rate at which both technology and threats evolve. She advocated trying to meet the threat on the threat's timeline, and to work incrementally, racking up the small wins.

Crowell and Moring's Evan Wolff observed that start-ups should begin with a sound strategy, and that such a strategy should include sound legal advice. "Think about your last dollar when you're getting your first dollar," that is, don't be so driven by the exigencies of securing customers and cash flow early that you bind yourself to unwise contracts that will bite you at exit.

Transition can be at least as challenging for start-ups as it is for Government science and technology agencies. Morphisec's Arthur Braunstein (after paying a compliment to the Department of Homeland Security for pioneering thinking about moving target defense, which Morphisec has commercialized) argued that start-ups excel at innovation, but too often fall short in commercialization.

Taking up the question of what governments could do for industry, Dr. Samantha Ravich (Senior Advisor, FDD, and former Deputy National Security Advisor) thought they could assume a larger role in protecting businesses from purposeful theft of intellectual property. This accounts for hundreds of billions in lost revenue. It takes a considerable toll on job creation, and it also crushes incentives. She sees small business as particularly in need of protection.

An interesting possibility was suggested by Dr. Yaniv Harel, General Manager of the Cyber Solutions Group at Dell EMC. He spoke about the effects of a major data breach, and how such breaches might be prevented. He thought that cyber ranges had promise here: we tend to think of them as training installations, but he advocated using them for testing as well.