a16z Podcast - a16z Podcast: Government, Startups, & Innovation -- with U.S. Secretary of Defense Ash Carter
Episode Date: April 25, 2015Silicon Valley and the U.S. Department of Defense have had a long history of partnership -- including the government funding R&D that was commercialized by major companies and is now used by peopl...e everyday. But lately, there's been a more "commercial" evolution of technology, with both government and startups shifting focus in what they did (and didn't do) before. Where does this leave innovation around big ideas? In this segment of the a16z Podcast, we grabbed a few moments with U.S. Secretary of Defense Ash Carter to hear his thoughts on these and other questions. Including how startups should partner with the government -- one of the biggest IT buyers in the world -- as well as what security areas he thinks are important to work on. And: why he hates GPS.
Transcript
Discussion (0)
Hello, everyone. Welcome to the A6NZ podcast. I'm Sonal, and I'm here today with the U.S. Secretary of Defense, Ash Carter. Welcome, Ash.
Good to be here. Thanks, Sonal. Thank you for coming here. So, you know, you gave a speech yesterday at Stanford, and you talked a lot about ties between Silicon Valley and the need for partnerships.
But actually, I want to start with some place kind of random, which is you once said a long time ago how you hated GPS. And I actually want to hear why you say that.
Okay. Here's why.
makes us receive signals from satellites that are in semi-synchronous orbit,
which are, by the way, very expensive to launch and operate.
We do that in the Department of Defense, so that expense falls on us.
But it's not so much the expense as the fact that that makes it vulnerable to people who can attack it.
It makes it impossible to use it in the valleys of, for example, Afghanistan or a big city where you're shadowed.
We, uh, from the satellite signal, okay, so you can't, from the satellite signal, or in a place where the signal is poor, just like cell phone signals can be poor. So, and we particularly, of course, in the Department of Defense, worry about enemies jamming GPS signals. So what's the answer? What would I like to do instead of launching these really expensive satellites? I call it the GPS of things. And what it, there will come a time soon, and we're working on this, where on a chip, you will have an accelerometer.
a gyro, and a precision clock.
So it's like a MEMS basically, you guys?
Exactly, exactly.
Microelectramechanical system and mems.
And that chip will be in every object in the Internet of Things.
So that's why you call it a GPS of things got it.
So at the time every smart object is manufactured, it will also be told what time it is, where it is, and what its orientation and spaces.
And from that moment on, it will all.
know those things and it'll never have to ask a satellite. So that's important for us if it's a
bomb, for example, and we want it to guide itself by GPS, not to have to worry about it getting
jammed. But it's also good for people who are keeping inventory anywhere there is now a GPS receiver
on a vehicle, on your phone. You don't need to be receiving satellite signals. So it's a very
inexpensive and vulnerable way of doing things, and pretty soon I won't be launching any more
of those satellites. Tell me a little bit about where you think that is going to happen.
When we talk about the evolution, we talk a lot about how we have a more commercial-driven evolution of technology, yet the Department of Defense is still accountable for 50% of R&D spending.
So where do you see that innovation playing out?
Like, what part will you own and what part will other commercial players in the ecosystem own?
You use the word ecosystem, and that's just right.
We used to be the whole ecosystem.
And now you're asking the right question, where do we fit in an ecosystem of technology that is global and,
commercial. And in this particular case, we, because we have the need to not be vulnerable to
jamming, we will develop these mems, even if they're very expensive. We'll buy them even if
they're very expensive because we need them so badly for a desperately important mission,
protecting the country. So we'll get there first, basically by spending money, being a market
leader, eventually cost will be driven down and everybody else can enjoy the benefits of that
innovation as well. That's one of the ways spin-off works. It starts with us, and it's not like
we're wasting any money or we don't care about money. We have applications that are particularly
demanding that we pay for first, and then the technology goes out. But I also, and I was speaking
about this here in the Valley, and it's one reason to be out here, we can't rely solely on the
spin-off model. And by spin-off, by the way, you meant that you guys developed it and
And then it goes to the commercial.
That was the old model.
It still works in some cases, like the one I just gave.
But in most cases in technology today, we, the Defense Department,
we play the role in the ecosystem of a devourer of outside technology.
In fact, I've heard that the government is the biggest IT buyer in the world.
It is.
We're an enormous market for IT companies and also for IT security companies
because we care so much about security and so many people want to attack our networks,
either because they think it's fun, sport, or because they're potential antagonists.
So that's important for firms like Andresen Horowitz, who are investing in companies.
We're going to be at the forefront of a lot of their markets.
And then the question becomes, how do they market to us?
I want them to market us.
Yeah, tell us actually how.
Because there's a lot of startups that listen to our podcast, including startups not in our portfolio.
And we'd love to hear your thoughts for how they can reach, peak your interest as an IT buyer.
Well, they do pique my interest because we want the very best, and we can't develop all that within our own walls.
The trick here is that we, over time, and I just have to say this, the Department of Defense and the government in general, has become a rather slow and stodgy buyer.
And there's a bureaucracy that's too big.
And so companies that know how to deal with the bureaucracy have an advantage over ones that have the best.
technology. That's wrong. And so we need to lower the walls to entry for startup companies
and also give them a path to success. They don't want to end up sold to a big company. That's
one exit for many of them. But for a lot of people who are starting new companies, they don't
want to be owned by anyone, they're controlled by anybody else. They want to be on their own and
they want to grow on their own. We need to open that pathway for them. That's why I'm
working on creating an innovation unit out here. That's just what we call it. But its point
is to teach us how to welcome VC companies to market to us and teach them how to deal with us
and open up that channel so that we have as richer relationship with the world of technology
as we've had for decades now.
In fact, you actually put an X in the name of that new unit.
Experimental. And that just simply means that I realize we're trying things out. We're
trying new ways of interacting with the valley and the people in the valley. And so I'm starting
three or four pilot projects, so to be, and we'll see how they do. But I don't want to set up
something with the pretending that I know where it's going to lead. I don't, but that's actually good,
because it means that we'll keep, stay smart, we'll stay innovative. That's what we need to do.
And I think we need to match our approach to the approach of the really bright people out here.
They don't want to fit a mold, they want to be themselves, but they want to market to us and they want to share technology with us.
I need to make that possible.
I need to make us compatible with the great, wonderful, innovative style of this part of the world.
So one question, Ash, just to take a step back, back to the ecosystem when you were talking about the changing model of the spinoff that we had before and what we have today with this new government being the primary IT buyer, what do you see as, when I was at Park, one of the things we noticed, I know,
was that the Department of Defense had evolved its R&D to be more concrete and application
oriented. Are you still investing in sort of big ideas as well? Or how does that sort of
play out? Or are startups now driving that innovation? Like, how do you see that all playing out
in the ecosystem? It's a very good question. And I'm determined, and we're doing this, that
even in the time of budget pressure, sequester, and all that, that we keep our basic research
funding going at a very brisk rate, that is things that are a real reach, that the commercial
world won't invest in because it's too riskier, it's too long term, but we might because it's
essential to national security. So we're going to do that. The next trick becomes linking that
basic research to the marketplace, linking it to products, because you can have great research
going on in a ghetto that never links up with anything else. And that's a tendency that all
companies have to overcome, but we have to overcome the Do you have any thoughts on how to
overcome that silo effect? Yeah, what you have to do is make sure that the innovators are
linked to the users and developers, and the only way to do that is what I call sort of animal
proximity. Animal proximity. They have to know each other, be together enough. That's why I want
us to have a unit out here, a place that can connect.
innovators to those who might use the innovations. Because if those are, those two parts of the
ecosystem are separated, that's a real problem. And companies struggle with that, but we struggle
with that big time. Labs get self-involved. That's exactly. They're interested in their own
projects and they forget what it's all about. It's to serve ultimately the customer, in our case,
the national defense. Well, so just to wrap up, since we don't have that much more time,
let's talk about security. And especially because you were talking about wanting to partner more
with startups on that. This is clearly top of mind. I feel like I'm stating the obvious to you
and to everyone in our audience that there's so much happening in the news with hacks and more,
especially this past week with RSA wrapping up. Do you have any thoughts on where there
needs to be more innovation here, where you would like to see more innovation?
I definitely do. I'll name a few really critical areas. First, industry is not, and I'm not sure
I understand why, but for 10 years or so, as the cyber threat has been growing,
Industry around the world has not been investing adequately at its protection.
They're beginning to do that now.
And so people at the CEO level understand they have this responsibility are beginning to invest in it.
But they're late to need in most cases.
What do you mean by late to need?
Well, they have networks and IT systems and IT people, for that matter, who don't have adequate security background.
So that's the first thing is that we're coming late to this compared to the enemy.
The enemy is hackers to foreigners, and there are lots of spies, economic spies.
There are lots of people who are trying to do it.
So you mean both government and economic espionage type folks?
Exactly. Exactly.
So what role do we play?
We play two roles in the Defense Department.
One is we are going to be one of the innovators of new techniques,
and we'll do them, even if they're expensive,
because we have to have to have to protect our networks.
And so just as in other technologies where we have been willing to pay more for innovation and to do the innovation ourselves before the commercial world,
I think we will be able to lead technology development that will then spin off to the commercial sector.
So that's one role we'll play both for ourselves, good for us, good for the commercial world.
A second role we have, I mean, we are defense of the country.
And at some point, the hacking rises to the level of a really unacceptable attack on an American firm, an American company.
And we are the Department of Defense, which means we're supposed to defend the people against all kinds of threats.
And we are also working on which combination of defense, intervention, and even counterattack.
Right, like a more offensive toolkit.
in order to tell people that if they attack Americans in cyberspace, at a certain level,
we're going to regard that as an attack.
It's not hacking.
It's not fun.
An attack is an attack.
Yeah.
It's not.
The Internet is free and open, but not free and open to people who are attacking others
and causing harm, causing economic damage, and so forth.
So those are our two principal roles.
So, Ash, in terms of security domains, like what topic?
are most top of mind for you. Is it encryption, back doors? Is there anything that in particular
that you'd love to see more innovation? Yes, a couple areas. The first is threat sharing.
What is that? Information about who's getting me and what tools are they using. That shared among
companies and shared between the government and companies. Sounds like a very simple thing
where I say, hey, look, I'm being attacked in a certain way. And I'm
I make that known. Now, the problem with that is many companies don't want to indicate to their
customers that they're under attack. So this has to be done sort of quietly. But the whole is
greater than the sum of the parts. If we all explain to one another, what kind of attacks we're
experiencing. And of course, this has to be done at network speed. Right. It has to be like super
fast. So you're really talking about something where the current model is that companies may
announce it or may not. And if they know, they keep it between themselves and perhaps some...
Their security company. Right. Exactly. And,
So you're describing sort of a meta network where the company...
Where the security companies say, hey, I'm not going to name who did what the victim was.
They're a client of mine.
It's fascinating.
But you all should know that this is what's going on in somebody's network over here.
Watch out for it.
And we can do the same thing with government.
And again, if it rises to a certain level, then law enforcement or homeland security or even the Department of Defense might intervene.
Second area is what I'll call interactive defense.
You can't be passive anymore in network defense.
You can't just put firewalls around.
It doesn't work.
You have to patrol the walls and look for people who are drilling holes
and people who are climbing over your wall.
So when you say interactive, sorry not if you mean,
when you say interactive, you mean adding a more proactive component
where you just don't try to create this like perimeter,
but you're actively monitoring and doing things from the inside.
And you monitor what's going on outside and also what's going on inside.
Because remember the insider threat really is.
is the one that security specialists fear the most. It's an employee who's careless. Oh, so you mean
like intrusion detection? Yes. And somebody who is exfiltrating data, company data, why are they doing
that? That's not their job. Boy, that's a lot of information for somebody to be exful. They must be
up to something. That kind of monitoring, if we'd had it, and just to put shame on ourselves,
NSA, which is part of the Department of Defense, that's what Edward Snowden did. And he wasn't caught
in the act, over a period of months, doing something that had no reasonable association with
his job at all. And the complexity and the scale of information systems make that kind of threat
possible. And of course, everybody knows about Snowden, but there are a lot of insider events
that have occurred in industry as well. People don't like to talk about them because they
don't like to expose themselves. Exactly. Well, thank you again, Ash. And thanks for being
on the 860s and Z podcast. Great to be here. I appreciate it.