As a leading growth investor in security and infrastructure software, Insight brought leading CEOs and tech executives to an intimate conversation with leadership of defense and civilian agencies about the evolving cyber threat. As the name of the forum implies, a layered defense using modern technology solutions is an important part of a cybersecurity defense in any large organization — including federal agencies.
Speakers at the event included:
- DISA Vice Director Maj. General Sarah Zabel, who highlighted the scale and scope of the attacks on the defense networks every single day;
- Air Force Deputy CIO Bill Marion, who challenged federal colleagues to think differently about risk;
- Security expert and Trail of Bits CEO Dan Guido, who noted that adversaries are using known technologies but more coordinated and sophisticated attacks;
- Former Deputy Commander of U.S. Cyber Command Lt Gen (ret.) Robert Schmidle, who discussed lessons learned from setting up U.S. Cyber Command;
- Former GSA Administrator Denise Roth, who talked about GSA’s role in federal cybersecurity, including the new Tech Transformation Service / 18F that she helped build at GSA;
- U.S. Digital Services founding member Mathew Weaver, who stressed the importance of security and IT professionals learning cyber response skills in real-world situations — based on his experience recovering from the OPM breach and many others; and
- CEOs and executives from leading companies, including Tenable, Cylance, Firemon, Docker, Pluralsight, Thycotic, and Checkmarx, who highlighted how their innovations are solving problems across the commercial and government markets.
As a thought leadership forum with federal agency leadership and private sector CEOs openly sharing their technology visions, the event generated some interesting insights:
- Both government and industry leaders highlighted their priorities of cyber analytics, cloud services, and next-generation endpoint capabilities;
- There was acknowledgment that agency-specific security certifications can negatively impact private sector success in government; and
- There are strong common interests and motivation to expedite the delivery of mission capability.
There was also candid cross-agency dialogue on accelerating the Authority to Operate (ATO) process, the relevance of Agile and DevOps methodologies, and the complexities of making cyber capabilities operational.
As I noted in my opening remarks, one of the challenges that federal agencies face is keeping pace with the sheer number of security vendors offering newer capabilities.
That’s where the venture capital community can help — helping vet the teams, businesses, and technologies. We track thousands of security vendors, talk with hundreds every year, and invest in just a handful.
Insight Venture Partners invests in growing companies at all levels of the security stack, and our portfolio companies provide options to secure government systems in real world agency environments. Our portfolio companies are being deployed at scale in federal agencies today, integrating with each other and also with complex legacy solutions in those environments.
To illustrate a layered defense strategy for securing government information systems, consulting firm Cognitioreleased a Defense in Depth whitepaper that maps to Insight’s portfolio. It’s worth a read.