KPCB partner Ted Schlein interviewed Defense Secretary Ash Carter at the annual RSA Conference in San Francisco, March 2, 2016. Carter discussed the department’s outreach to the private sector, its desire to grow cyber security forces, leveraging top talent in the tech community, and the expansion of the counter-Islamic State of Iraq and the Levant campaign into the cyber domain.
Below is a transcript of their conversation.
STAFF: I wanted to introduce this track to the audience today.
The news today is dominated by acrimonious fights between the technology community and the national security policy community. Yet, we all know that our best for success in this society is if we can marry the best of the two worlds and what they have to offer to come up with the security solutions that protect our society, our people, our organization, our corporations and our privacy in a way that’s consistent with our shared values. And that obligation rests on all of us, not just the U.S. government, not just the technologists, not just the innovators, but all of us jointly.
And here today, joining us on stage, are going to be two people who are emblematic of the best that the tech — of these two worlds. The highest ranks of the U.S. government and the highest ranks of the technology community.
Ted Schlein is a general partner at Kleiner Perkins. I’ve known Ted for over a decade. He’s one of the most accomplished, interesting and innovating — innovative investors in the security community and one of the few who has actually effectively crossed the divide between the Valley and Washington, D.C.
Ted has a storied career as an operator, investor, adviser in the cybersecurity field. He understands and he cares deeply about the issues of our time and the importance of bridging the divide between the east and the west, between the Valley and Washington, between technology and national security policy.
Dr. Ash Carter is the 25th Secretary of Defense of the United States and former Pentagon acquisitions and technology chief, Harvard professor, a physicist and a Medieval scholar, which is perfect background to solve these problems.
After stepping down during this last year in the Pentagon as deputy secretary of defense, Dr. Carter moved from Washington to Palo Alto and, though I’m not sure he actually remembers this, the last time we saw one another was at the — (inaudible) — tech conference just days before he was appointed to his current position.
Since taking office, Dr. Carter has made numerous trips back west, met with entrepreneurs and investors and argued hard for the U.S. government, especially the DOD, to learn from tech entrepreneurs about innovation, speed and flexibility.
As we think about the importance of this conversation, it’s really easy for us in technology community to think we have all the answers. It’s really easy for the government to believe that it has all of the answers. But it’s really about the dialogue. It’s about building trust between the two communities, between the tech industry and government.
And as we do that, as we look to the government as it’s thinking through its policies, let’s not forget the day job that Dr. Carter has. We are simultaneously fighting wars in Iraq, Syria, Afghanistan, we have special operation forces at work around the world, dozens of countries, we’re — we’re performing piracy operations in the Indian Ocean while dealing with the resurgent Russia and Eastern Europe. And while working around all these fronts, Dr. Carter is also working hard to transform the DOD with the latest generation technologies and systems.
We can’t — (inaudible) — that his day job has some pretty awesome demands as well, just like our day jobs do. A little bit different. And even with that, Dr. Carter continues to make time to come meet with entrepreneurs, innovators and technologists and having necessary conversations to determine the right policies for all of us.
On our end, there’s some pretty incredible institutions right here in our back yard that can help us engage in this dialogue. At Stanford University, we have a Center for International Security Cooperation, Stanford University’s hub for researchers tackling some of the most pressing national security and international cooperation issues where Dr. Carter has long-standing ties and where he was briefly a visitor.
We have the newly established DIUx, the Defense Innovation Unit-Experimental whose purpose is to create lasting relationships with technology innovators in the DOD. And of course, we have In-Q-Tel, who’s mandate as an investor has extended far beyond the intelligence community.
Right here in our backyard, we have three easily accessible institutions that can help us engage in the dialogue we need to solve some of the most pressing problems that we face. We desperately need to bridge between our two communities. The headlines tell us that. This is the bridge. You guys are looking at them. They’re two of the best people to engage in this dialogue.
I am thrilled to have Ted Schlein and Dr. Ash Carter join us this afternoon.
MR. TEDSCHLEIN: That’s the nicest thing anyone’s ever said about me.
(inaudible) — say more.
SEC. CARTER: (inaudible)
MR. SCHLEIN: (inaudible) — she said. So Mr. Secretary, thank you so much for — for joining us here. This is your — if I remember, this is your third trip to Silicon Valley since you’ve become secretary of defense, which is more than any secretary of defense in the last 20 years.
SEC. CARTER: Hasn’t been a secretary of defense in Silicon Valley in 20 years, I found out, when I become secretary of defense, which staggered me. Anyway, so I’m hastening to try to rectify that, build the bridges, as —
MR. SCHLEIN: We’re going to talk a lot about that because I — I — your focus on this valley and its importance to the U.S., both economically and from a safety standpoint. You’re very outspoken about — I want to get into that. But before you get into that, I’d like to give a little — everyone a little better feel of your road to being secretary of defense, you know, how — how does one become secretary of - you’ve -
SEC. CARTER: (inaudible). No, I think it’s probably that — (inaudible) — this — I didn’t set out to do this. I was a physicist, really deeply interested in what I was doing, which was elementary particle physics, by the way, and I was — I worked at Fermi Lab — (inaudible) — national laboratory, was writing papers and very happily engaged.
But — and I wasn’t really aiming at national security at all, but — and this is — this is significant. The people who are the generation older than I in that field had all been part of the generation — the older of them built the bomb, but had been part of national security dating back to — (inaudible). So it was — it was a reflex on their part to have an association with national security, to take an interest in it. And they always told me that you — you had, because of the knowledge that you possess and technology, you had a responsibility that came with that.
That’s kind of a culture that I — and — and I — ultimately, I took that seriously and somebody said come to Washington for one year. Just one year. You’ve all heard that too, right? Just one and give this a try, it’s a really important problem — technical problem, work on it for a year.
And I — I felt really good about that because I thought it was a problem of great consequence. This way, by the way, where to put a big nuclear missile — this is the peak of the Cold War, now — and where it couldn’t’ be successfully attacked in a first strike by the then Soviet Union. And if you remember how all that went, the logic there was that if we could survive to retaliate, then they wouldn’t attack us in the first place because we could survive to retaliate and that was the whole deal, right?
And — but this is — they had a lot of stuff that they could throw at us, so how do you make anything survive that kind of onslaught? That was the essence of the technical problem. And I thought this was a problem of great consequence to the world and I have something to contribute, because of what I know. So those are the two best feelings in the world right? That you can look upon a important problem and you can make a difference.
And the problem is those two things came together and sort of kind of caught on with me. And I took a first job as a very junior guy and I did that for a couple of years, working on space, nuclear, kinetic control, Caspar Weinberger was the Secretary of Defense at the time, a long time ago, sure.
And I was just a young guy with big eyes. And so forth it caught on with me and over time I had various jobs, you know, the very persistent — I was an assistant secretary of defense, then I was a member of the secretary of defense and I was a deputy secretary of defense and now I’m the secretary of defense.
But I love the mission. I love the place and that’s why I’m glad I had the opportunity to be here with all you who are innovators and we can’t remain the best in the world and do what we do, which is to protect our country and make a better world if we are not the best.
It’s a competitive world out there. The only way you stay the best is innovate and handle that connection as my mentors instilled in me, between the mission of providing security and the innovative — the great innovative engine of America, that’s real important to me.
MR. SCHLEIN: We will talk about that, but you were actually a byproduct of sort of a call to action that you’ve been putting in place in the Pentagon of trying to get folks from the Valley and elsewhere to come to Washington.
SEC. CARTER: Exactly.
MR. SCHLEIN: We looked at short periods of time. You even have a program around it?
SEC. CARTER: Yes, we have a member of them. One is the Defense Digital Service for those who are interested. And it’s exactly trying to recap what I did. In other words, come in, work with us. The director of it, by the way, is here, Chris Lynch.
And if folks come in, no strings attached, you don’t get the position of secretary of defense…
SEC. CARTER: But maybe it’ll lead there for people. But the point is, we’re not going to — we’re not — you don’t have to become part of the government, this isn’t a career thing. Come in, try it out, work on an important problem for a year or two, a project and see how you like it.
And then you have — you go back and do something else, that’s okay, but there will be a little bit of awareness in your mind, maybe you’ll come back and do something another time with us. So that’s an example of a people bridge between the innovative sector and the government where people get to try us.
I would like our people to learn more about what’s out here. That’s one of the reasons why I have this Defense Innovation Unit Experimental. By the way, it’s called experimental because we’re still experimenting with it. And it’s going to change and we’re going to keep innovating with it.
But it is — the idea does — and one of them was to get some of our people familiar with not just the technology but the culture because the government culture isn’t - there’s some parts of it that -
MR. SCHLEIN: Let’s talk about DIUx because that was a major initiative that you brought forth last year and stood up. It’s at Moffett Field. I’d like to get an update on what its mission is, what the status is, because it is a direct attempt by yourself and the Pentagon to have an interface inside the Valley.
SEC. CARTER: Exactly. It’s a place to connect. And it is done (inaudible) and it — I’ve given them a very open charter. And so, just connections. Make — then make money connections.
That is, help people understand places in the Department of Defense where they can secure funding for ideas that they think are relevant to defense where they can get to more of the programs like I described. If they think maybe they would like to take a year of service, a tour of duty, see what’s it’s like.
It’s a place where our people can come and be and connect with all of you and so it does a lot — it does lots of things. And we’re still, again, experimenting with the methods and so on, but I encourage you to get to know that and all of our new activities.
MR. SCHLEIN: So how do you know if it’s been successful? What’s the measurement, if say you go out, if you lose and look back on DIUx and sort of —
SEC. CARTER: A couple of things. I would say, first of all, I hope that it — there are companies in the Valley who are doing work of consequence for national security and international security because they were introduced by, in some way, money, a meeting, technically — technical discussion that wouldn’t have been possible if there weren’t a place and a facilitator for that.
That’s one metric I’d use. Projects that we use. Money that we spend. That means people. So, down the road there — I don’t know, say like me. But if there are, you know, a couple of 10s, couple of 100s of people who have come into the Department of Defense and made a big difference — well, you all know this from memorization — very few people, even in a huge organization like ours, can make an enormous difference.
The idea that you are a cog in the wheel isn’t the spirit of the people in this room and it’s not the spirit of people we want. But you can come in and make an enormous difference. And so, that would be a measure.
MR. SCHLEIN: Okay. And this morning, I think it was this morning, you announced the Defense Innovation Advisory Board to be headed by Eric Schmidt. It’s these multiple salvos that you’re firing up the Valley to embrace and say - I actually don’t know much about it, my guess is -
SEC. CARTER: You know, I’ll tell you that I appreciate it when it’s very much in the spirit of what we’re doing which is to try to be innovative ourselves and how we conduct ourselves as a government and a Pentagon. I tell my people, think outside the five-sided box.
Think of new ways and I’m hoping that through this, what I call the Defense Innovation Board and this is going to be some people that are the best technical minds who come in and once again, spend a little time giving me sound advice on how we can be more innovative.
I’m so grateful to Eric Schmidt, for his willingness to do things. And I — he’s the perfect chairman for two reasons, first, he’s somebody who obviously is brilliant and knows the innovative process very well and has demonstrated that.
And second, he’s willing to do it.
SEC. CARTER: And I mean that. You can’t take it for granted the people who want to — you’ve got a lot of things to do. But he cares so deeply about this country and about this world and he knows that you can’t have everything else.
You can’t have freedom, you can’t have innovation, you can’t take care of your family, you can’t have a career if there is insecurity. And so somebody’s got to provide security. It’s a serious business, it’s not a game. We know that.
And he is deadly serious about willing to spend his time so I’m so grateful. I’m going to let him have a substantial latitude in picking the members of the board, the other members of the board because I want the smartest people.
And then we’ll travel around the world to our bases, installations, commanders, get familiar with our problems and tell me how we can do better ourselves. So I’m very grateful to Eric for doing this. So these are yet another way I’m trying to connect this.
MR. SCHLEIN: There’s a question because what happens is that eventually, maybe it’s in January or after — they’ll be another secretary of defense.
SEC. CARTER: Sure.
MR. SCHLEIN: And you pulled together some amazingly innovative initiatives and no previous secretary of defense has actually tried to do it. How do you keep some level of persistence with these programs when there’s a change over.
A lot of this happens because everyone knows it’s important to you, will it be important to the next person? Will be funded? Because we in the industry, with these interfaces and we start to work, whether it be DIUx or (inaudible), we want to make sure that the people that we’re building a relationship with are going to be there and empower the future.
SEC. CARTER: I’m very optimistic because I think the logic is compelling. So whoever comes after me and comes after that and comes after that will — we’ve been blessed. We’ve had a lot of really fabulous predecessors come to mind, including a couple of physicists by the way.
And as they think about their mission, which is to fight today’s wars. You mentioned that and we’re very busy doing that. Also, to be thinking about tomorrow, they recognize that this is necessary and I hope their — and I’m pretty confident they’ll say, yeah, I’m glad he started these things. I’ll keep them going and I’ll start some more.
And it would be a reminder and a little groove that our — that successors of mine can get in to keep us connected. So I’m very confident that it’ll broaden. Besides, we’re not just one person.
I mean, I’m just one guy, I’m the secretary of defense, but there are these people and I — we get these things going where (inaudible) the spirit of a lot more people than the secretary of defense himself. So the secretary of defense goes out and somebody else comes in, there will still be all these other folks.
MR. SCHLEIN: Perhaps one of the most innovative or at the — initiatives that you’ve done, that’s as far us and when I think we launched yesterday, which I actually think is an initiative the Russians and the Chinese already had which is called, Hack the Pentagon.
MR. SCHLEIN: But - talk about it because it’s so cool. I mean, it’s such a cool idea to allow a varied group of hackers -
SEC. CARTER: To attack us.
MR. SCHLEIN: To attack.
SEC. CARTER: It’s a lot — no, I mean, you’re right. There are black hats out there and this is white hats and we’re trying to adopt what is the best practice. There are lots of companies that do this. And you invite people to come and attack you and find your vulnerability. And it’s really crowd sourcing the expertise and having access to good people rather than bad people.
And you’d much rather find the vulnerability and you are all experts at this. You’d much rather find the vulnerabilities in your networks in that way than by the other way, which is pilferage of information. In our case, compromise, shutdown and so forth of our networks.
So we happen to have a bug bounty, first ever in the Department of Defense and I think we’ll learn something.
MR. SCHLEIN: You might have some of the people in the room. So — are there some rules? I think everyone is at a big risk. I think maybe U.S. citizen, I think that’s one of the ones I see.
SEC. CARTER: We really need to make sure that they’re white hats. (Inaudible) get some confidence that it’s that.
But look, that’s pretty much it. And then they’ll be the reward of having won, but also with a matter of award also for doing this. And it’s a way of — it’s an example of using best practices out there in the government. There are companies that are doing it. They’re not doing it for fun. I’m not doing it for fun. I’m doing it for utility.
But it’s something we wouldn’t have thought of necessarily on our own. We’ve learned from —
MR. SCHLEIN: Culturally. I mean, this is — (inaudible) — culturally for the department to sort of say it is okay for others to tell us where we screwed up or something is wrong.
And to — because we do that all the time in startups if startups don’t realize in innovation what they’ve done wrong and then fix it quickly, they die. And so I - that, to me, is one of the great messages that you’re trying to -
SEC. CARTER: I hope it is, because if you don’t take risk, and you’re not willing to fail, then you’re never going to get anywhere. And you all know that and that’s one of the things that’s imbued in the innovative community out here.
And we have to try to imbue our own — our own folks with the same kind of spirit; go out there and try something new. We can’t just keep doing what we’re doing because the world changes too fast. Our competitors change too fast. So it’s — it’s — it’s a serious matter for us to remain open.
And government does tend to be closed. The defense establishment especially just tends to be closed. And one of the important reasons for doing some things secretly and so forth. But by and large, I think the more open we are, the more connected we are to the innovative community, the better we’ll be at doing what our mission is.
MR. SCHLEIN: Well, let’s switch tacks here for a second. (inaudible) — in her introduction to us talked about the — the east-west divide. And I think our friends in China would be happy to know we’re talking about the east coast and the west coast in this conversation.
And, you know, as a group of technologists, we used to pride ourselves on sort of being above the political fray. We would deliver innovation and people just buy it and use it and, you know, Washington, just stay out of our hair.
I know you are — I am being asked pretty much every hour of the day right now about the Apple encryption case.
SEC. CARTER: Sure.
MR. SCHLEIN: And — and what that means with the FBI legally. How is that going to affect us at the end of the day? You know, I know different people might have a — (inaudible) — vision of what the right answer is — (inaudible), but how does this start to work itself out, so it doesn’t become where we get fixated and we dig our trenches and, you know — (inaudible).
SEC. CARTER: I so agree with your overall approach. The specific case, I can’t really get into it’s in litigation. It’s a law enforcement matter, it’s not a defense matter. But I can — (inaudible) — I mean, but the — the general point is right on.
And I think that, first of all, that we — that is, now just speaking for the Department of Defense — data security including encryption is absolutely essential to us. None of our stuff works unless it’s connected. There’s no point in my buying all these planes and ships and tanks and having soldiers, sailors, airmen and Marines if I can’t connect them.
And so data security is an absolute necessity for us. So we’re foursquare behind strong data security, including strong encryption. No question about it.
(inaudible) - and there are big -
SEC. CARTER: Yes, — (inaudible) — I’ll get to that.
SEC. CARTER: Just to cut to the chase. I’m not a believer in back doors or a single technical approach to what is a complex and complicated problem. I’m just not. (Applause.)
I don’t think that’s realistic. I don’t think that’s technically accurate. And I — the reality is that this is — that the problems of data security are — are many, as you know. It depends on data-ware, data-in-motion, data-at-rest, data-here, data-there. And so there are lots of different parts to this.
And there isn’t going to be one answer. I don’t think we ought to let one case drive a general conclusion or solution. And the only way we’re going to get to a good solution is by working together. That’s the real answer to your question. We have to work together to work our way through this problem.
I really could put it this way. It’s not like there’s something out there that we just have to pick. We have to innovate our way to a sensible result for data security in all of these areas. And we need to do that because you can easily think of what the alternatives to a sensible — (inaudible) — are.
One is a law written by people who won’t have the technical knowledge of the people in this room; maybe written in an atmosphere of anger or grief; and that’s not likely to be the right answer.
Another alternative, which I don’t like, is that the — that the solution is written by another country, like Russia or China. And you know what their attitudes towards data freedom and data access are, as well as data security.
So it’s much better if we do it together. That’s the path I think we need to be on. Let’s be collaborative. Let’s be technical. Let’s recognize that this is not one case and one problem. It’s many, and innovate our way together to the answer.
MR. SCHLEIN: You don’t — you don’t think, then, we end up in some defined legislation, call it the We Must Help The Government Terrorism Act of 2016. It’s much more specific — (inaudible).
SEC. CARTER: I can say we’re not in the — in the executive branch seeking legislation of that kind. I think we know that it’s more complicated than that. It would be better to work this out, rather than have a law written.
But that’s a very real prospect. People are concerned about the underlying issue, no question about it. But I don’t think writing a law without a real technical exploration of all the innovative solutions to these issues is really the right way to go. And so I hope we can get underway on collaboration and get things on a more sort of technical and professional track.
MR. SCHLEIN: It would seem like all parties would have been better served if this had never become a big public fiasco.
SEC. CARTER: Again, one case shouldn’t drive a whole subject.
MR. SCHLEIN: There’s a tangential comment around this. Why do consumers seem to be more okay with Google and Facebook having large amounts of information, but when it comes to the government, we end up with a different, you know, — there’s a — I don’t know if I’d call it — I don’t know if lack of trust is it, but there’s a — (inaudible) — what’s going to happen. And it raises everyone’s, you know, temperature.
SEC. CARTER: Sure — (inaudible). It’s a good question — (inaudible) — on my own behalf. Looked at from the government’s side of it, I regard us as having a solemn trust to the people we represent — the people who pay us. So we’re not anybody else. We are the government. And so it’s fair that people hold us to a very high standard. I don’t have any problem with that at all.
And — but since as the government, you have powers over people — law enforcement powers and so forth, it’s important that information be used in a lawful and appropriate way. So I — I’m — it is puzzling to me, as I said, a logical thing, as you say. At the same time, if you’re saying what’s the difference between you and Facebook, I know the difference between me and Facebook. I’m the government. I need to — (inaudible) — anything about Facebook, but I have to (Laughter.) I work for you.
And I need to conduct myself in a way that is compatible with your interests. And my job is to protect our people. And I need to do that in a way that is compatible with the values that they have. So that’s just a different standard. And I’m okay with that. I know there’s a difference.
MR. SCHLEIN: It seems to me that we’d serve ourselves well if over the next bunch of years, we figure out a way to also continue to bridge that trust. So that more information more information sharing can happen. I think information sharing is going to be critical to our national defense and national security.
So, last week, you started talking about the U.S. Cyber Command, using offensive cyber weaponry to battle ISIL.
SEC. CARTER: Yes.
MR. SCHLEIN: And I — I wonder if you could tell us what — what our goals were with using cyber weaponry in this particular case, or in general. And then I’m also curious why this is so public.
SEC. CARTER: Well, I’m not going to be very public about the details of it.
But I can — we — we have been public about the fact of what we’re doing and — and some of the kinds of things we’re doing. And they’re this.
We will — we must — we’re going to defeat ISIL. No question about it. And I’m looking for all the ways we can accelerate that defeat. What does that defeat mean, by the way? We’ve got to defeat it first in Iraq and Syria. That’s where it sprang form. I use a cancer metaphor and I say that’s where the parent tumor of ISIL arose. And we need to defeat it there.
But it spreads elsewhere. There are other places in Africa, showing up in Afghanistan. There are even people in Europe and the United States who are involved in various degrees. And we need to combat it and we will. And we’ll defeat it in all of those domains.
But I want to accelerate that process and we’ve got lots of tools that we’re using to do that. We have people on the ground who are assisting local forces to take back their towns and their cities from these awful guys. We are having an air campaign going on. So we’re doing lots of things.
But one of the things that we are doing is using our cyber to stop — to interrupt their ability to command and control their forces; to make them doubt the reliability of their communications; take away their ability to control the local population — the local populace. And these are things that have been done in war for a long time. Right? People have attacked kinetically with bombs other people’s command and control — an enemy’s command and control system. We’ve long used radio frequency ways of doing this — jamming radars, for example.
Now, because enemies use cyber, that’s another way that we can accomplish our objective.
But in this case, it’s the defeat of ISIL, and it’s a very effective tool at shutting down their ability to organize their forces and to repress the people on who’s territory they’re occupied. So we are going to do it. We’re not going to talk about exactly how we’re doing it, when we’re doing it and in the manner, but that’s the basic idea, and CYBERCOM is our responsible combatant commander.
MR. SCHLEIN: And people may or not know that U.S. Cyber Command is inside the NSA.
SEC. CARTER: It’s alongside the NSA.
MR. SCHLEIN: It’s alongside the NSA. And could you envision a time where, you know, cyber warfare is so pervasive as to how we protect ourselves that it sits alongside of the Army, the Navy, the Air Force as a military branch, much like the Air Force started not as a military branch. It was a support service and became a major — (inaudible) — so that’s really a secretary that’s reporting to you on that?
SEC. CARTER: I — we left down the road right now, and I’ll tell you — tell you why. But sure, I can imagine in that in the future. And just to unpack what you said, the key there is what kind of cyber force are we going to have in the future. And that’s a very good question.
I’m not sure, by the way, how much of it’s going to be a uniformed force, how much it’s going to be civilian force, how much it’s going to be a contractor force. So we need to imagine what the appropriate force of the future is, and it’s not necessarily a traditional military organization like the other services. That’s one thing I’d say.
The other thing is that right now, we do manage CYBERCOM, which is a military combatant command, reports to me, the chain of command, and it’s from the combatant command up to the secretary of defense to the president of the United States. That is our military chain of command, it’s in Title 10, U.S. Code, and that’s the way it is, and that’s good.
But we do at the moment have the same person running the National Security Agency, which is a field agency that I manage also. It’s part of the Department of Defense.
Now, what’s the logic of having those two sit next to each other? Well, you can imagine them being separated; one can be on the West Coast, one can be on the East Coast. My real difficulty is I don’t have, just like everybody else here, I don’t have enough good people to put them in different batches, so the fact that NSA and CYBERCOM are nearby means they can help one another, and really talented we can assign — cross assign. And that’s very valuable to us.
So sometime in the future, maybe I’d have the luxury of being able to bureaucratically separate them, for right now, keeping them together makes good sense.
MR. SCHLEIN: The issue of offensive cyber and the use of offensive cyber obviously by the private sector, it’s illegal.
SEC. CARTER: Sure.
MR. SCHLEIN: And something that I’ve been disturbed by in the — and especially in the last year, is when you have breaches done in private organizations by nation-states, and then lawsuits ensue where these companies are being held liable — maybe — working with (inaudible) for not being able to protect themselves against nation-states.
And, you know, I — it’s hard enough, as you well know, protecting the DOD networks against, let’s say, China in particular, let alone any given private organization to protect themselves. Should some level of offensive help be afforded to the private sector, obviously via the right vehicles, and they have — or is this just going to be purely reforming tort law? How do we do that?
SEC. CARTER: I mean, we’re talking about CYBERCOM. CYBERCOM has three missions. One is to defend our networks — so I said that’s job one, defend our, meaning DOD’s networks. Job two is to help our companies, our economy, our critical infrastructure to protect itself. Now we do that — that’s not entirely a DOD thing, so we’re trying to help — helping others to help those companies. And the last is to use offensive cyber and be prepared to use offensive cyber.
But as we think about other nation-states doing damage, I mean, first and foremost, that’s another reason for the necessity of this kind of coming together around the people that are here. Data security is an absolute — it’s a — first of all, we have to help our companies harden themselves. There is another side to it, and — (inaudible) — I don’t want to bring you too much, but other countries are on notice that an attack on the United States is an attack on the United States.
And I don’t care if you do it with a keyboard or a bomb, an attack on the country is an attack on the country. That’s our interpretation, that’s the instructions we’re under. So it’s a serious business.
Now sometimes, there are problems with attribution and that kind of thing, and I think it’s fair to say the world is feeling its way along about cyber as a foreign policy and national security issue, but for me and in this job, protecting our networks but also helping to protect our country from attack, an attack is an attack.
MR. SCHLEIN: So it’s potentially a good offense might be our best defense.
SEC. CARTER: I would say we’ve acknowledged that we are prepared to do that, critical part of CYBERCOM’s mission.
MR. SCHLEIN: A topic that we haven’t talked about yet, you and I — you unfortunately had to sit and listen to me for a whole dinner on this topic — is — has to do with procurement and acquisitions. And, you know, in the — in the audience, you have a lot of entrepreneurs that have companies where they’re part of other companies that would love to sell technology into the Department of Defense and elsewhere in the government.
And the procurement and acquisition rules, which I know you’re very familiar with…
SEC. CARTER: Yeah.
MR. SCHLEIN: … are so hard to deal with, to allow that to happen, so that the best and the greatest innovation doesn’t end up necessarily, at least in a timely manner, in the hands of who we really want to have it.
SEC. CARTER: I’m just completely intolerant of that as an excuse. We can’t do things that way. And so my acquisition executives, and the reason I have done all these things that you started at the beginning, is to make it not impossible for people to work with the government, to find some tunnels that go through this wall between east and west, this wall between government and the private sector, to dig those tunnels so that people like Ash Carter, you know, years ago, get a chance to go back and forth, that ideas get a chance — and money gets a chance to go back — go back and forth.
Now yes, it’s the taxpayers’ money, we understand that. And therefore, it’s like everything else. We have to conduct ourselves in a way that you will think is proper since it’s your money. But that doesn’t mean we have to be slow, that we have bureaucratic, that we have to be ponderous, doesn’t have to be — but we have to come out and tell you exactly what it is we want you to do rather than give you a chance to be innovative.
So I — I — and I look at these as not insurmountable obstacles, I look at them as obstacles that have to be surmounted. And we can do that, and we are — we are — we can — we’ve shown we can do it in particular places.
I’ll give you an example. I think DARPA is pretty good at giving out money and connecting the innovative. And DARPA’s been around for a long time, and it stays fresh mostly because it has really great people. And I’ve been talking recently about a process that I set up called the Strategic Capabilities Office, which was essentially built around one smart guy. So — and the story of this is I happen to spot this guy, very smart guy, and of course, I was giving a briefing on something else. I said, wow, this guy really knows what he’s doing.
And so I said why don’t you go outside and start working on some problems here and see what you find, and he found solution after solution after solution. All of our service chiefs, our Joint Chiefs of Staff, love the guy because he’s providing real solutions to it. So there are ways that you can be an exception to what I know is the rule of the government is ponderous. But I’m just telling you I — we can’t have that.
So I don’t accept that, I recognize it is a barrier — I was an acquisition executive — but we have to do better, and we can find ways of doing better. That’s why — and as we connect out here, I’m pressing our people to change the way they do things at the same time they think about how technology can change their…
MR. SCHLEIN: So is it fair, then, for this group to assume that they should be able to do…
SEC. CARTER: Yes.
MR. SCHLEIN: …three-month pilots, six-months sales cycles, you know, purchase — and then — and they’re going to…
SEC. CARTER: Yeah. There are ways to do that, and we’re going to find more. Actually, by the way, I — this precise question is one of the many things I happened to discuss with Eric Schmidt this morning when we were talking about the Defense Innovation Board.
So one of the things the Defense Innovation Board is going to do for me is identify, invent those methods that allow us to become more agile. And to show we can do it, I’ll give you some examples. When I was acquisition executive, yes, we had all these slow, ponderous programs, we also had two wars going on in Iraq and Afghanistan. And that’s no kidding stuff, and so you can’t give a general the answer that you’ll get around to it in two years, but you’ve got a contracting process — I mean, you can’t — it — people’s lives and victory are at stake.
And so we found inventing — I don’t know if you know about the MRAP vehicle, the special armored vehicle that saved so many lives…
MR. SCHLEIN: Yes.
SEC. CARTER: With that, we had to sort of take it out of the normal system and put it on a special fast track. And we did. And we delivered thousands of them to Afghanistan of all places, which is a really very forbidding place to get to logistically. All these armored vehicles in the — from idea to fielded delivery of thousands of vehicles to Afghanistan, that whole thing was 18 months. All of them fielded. And fielded means, you know, soldiers and Marines trained to drive them.
So we can do it, and we — I think that what you have to feel is the tempo that you all feel competitive tempo, which is we’re not at war every day with everybody around the world, but everybody who could be an enemy, you have to look at them and say if something — if there’s a dust-up with that country tomorrow, what should I be doing today to make sure that the United States wins and they don’t.
You know, we have to think that way about everything. And…
MR. SCHLEIN: So one final question I had for you before we wrap up is you’ve put forth a budget of $583 billion, I believe is the number, which is actually larger than Uber’s (inaudible).
That’s — it’s a big number here. It’s a — it’s a big number. Of which, I think, 72 billion-ish for R&D.
And so the big — they’re just big numbers. One could be super-impressed by the number, because it’s — it’ll get spent. Assuming it gets approved, it’ll get spent.
But how – actually I want to move you into the mind of here in Silicon Valley a lot of times, we use capital as a way to restrict priorities, and — and — and kind of move forward innovation and encourage entrepreneurship because you can’t afford to waste.
And so I — my question isn’t so much - because the numbers you deal with- they’re so astronomical for any of us to get our heads around, and honestly, is there an idea that maybe too much money may not lead to the innovation that you want?
SEC. CARTER: Sure.
MR. SCHLEIN : Does it cause the — have to make the tradeoffs we do and that drive a lot of
SEC. CARTER: I understand what you’re saying, and that’s a — that’s a problem in any project or program that’s given a budget and comes to expect a certain budget.
And that’s why in our programs, I — and one of the things we need to do is challenge people every — what have you done, and not make them believe that this is just an infinite stream of — of funding.
And the other thought that occurs to — and in response to your question, is this. It — that’s a lot of money to ask for the taxpayer — for. I believe, and I’m actually certain, we need it to do what we — what we need to do to protect our country.
However, I know that I can’t ask for that much money with a straight face unless I can also prove to people that we make good use of it. And I know that there are places where we don’t.
We have too many bases — too much infrastructure. I can’t get authority to close them.
MR. SCHLEIN: I understand.
SEC. CARTER: That’s just — that’s excess that I know I’m carrying. We have acquisition programs that are — aren’t managed properly, and that run over cost and so forth.
So I think we have to be very hawkish on the question of reform at the same time that we’re strong on the — on the — on the principle of innovation. And the two kind of go together, because really good innovation is economical and parsimonious and lean.
MR. SCHLEIN: I’d love to give you the opportunity to — to give the audience any call to action that you’d like to deliver. (inaudible) — we have to work together. We know we have to work together. We cannot allow today’s issues to — to disrupt our ability to ? — it’s a symbiotic relationship, it always has been a symbiotic relationship.
This valley was created by a lot of technology that came from — from Washington. A lot of those research dollars — and we understand our role, but from a national security, as well as a — an economic standpoint, through this country.
And here’s a group of people, as well as others out there, that I think — (inaudible) — would love to do something on behalf of the country. What would you ask for?
SEC. CARTER: Well, first of all, I very much appreciate the interest. I — I sense that, not just in this room, but people out here and people in the innovative sector are where they are because they like to do things that matter and have consequence — this and what — the mission of my Department of Defense is a very consequential thing.
So if you — if you’ve taken an interest in it, and it’s sparked an interest in it, thank you. Reach out to us. Be a part of our — whether you’re looking at problems and offering us a solution, whether you’re offering your own commitment for a year, six months — with lots of avenues for you to connect with us that you probably haven’t thought of, and we’re trying to think more about every day.
And look for them, and I’ll help you look for them, and that’s what all the things that I talk about – DIUx for example — supposed to be exactly that kind of switchboard.
And the last is — you know, recognize that I’m determined that we meet you halfway — that this be a real dialogue and a real connection. I know we need to look ourselves in the mirror and become more innovative ourselves.
So I — I promise you that, if you take a step, we’ll take a step back in the other direction. We’re — we know that we need — when you build a bridge and you start to cross that bridge, both sides need to start walking over, and I’m committed to doing that on behalf of the government.
And after all, we are you. You pay us, we represent you, and our job is to protect you, and we’d love to have your help.
MR. SCHLEIN: Well, Mr. Secretary, we — we can and will overcome this public discourse that’s going on today. The — the Valley and Washington, I think, are inextricably linked, and — you know, really, really appreciate you coming out to Silicon Valley, spending the time with this group at RSA.
Thank you very much. Thank you for everything you do ?. Thank you.
SEC. CARTER: Thank all of you.