What should the Biden administration consider in its cybersecurity strategy in order to have the greatest impact?

As an industry we have a lot to solve on our innovation cycle, and what tackling a problem actually means. Cybersecurity is only about a $167 billion market, so if we don't solve that, I could see it getting consumed and integrated back into IT—which is a $4.4 trillion market—as just another appendage. We say, "Cybersecurity needs to drive IT," but that's not going to happen. It's $167 billion to $4.4 trillion. It'll be a piece but it's never going to drive a bus here.

People talk about Colonial Pipeline or SolarWinds as if they were watershed moments. But years ago at the time of the breach for the Office of Personnel Management (OPM)—which hosts all classified background checks for every US service member and their family members, contractors, and government agencies—the cyber budget was $16 million. After the OPM breach they bumped it up to $19 million—the federal government is not having a real conversation about this. Of all the money that's being invested, the US chiefs spend about $15 billion a year on cyber, but they’re putting it into weapons defense technology, as opposed to saying, "Maybe we should spend more than $19 million protecting the background clearance of every US citizen." So, we'll see how this goes. In my opinion, I don't see any marketed incentives to fix it yet.

The industry has to be held accountable so that we can stop the systemic bleeding, which is perpetuated to help drive revenue for individual security companies. It's time for us to say, "Enough is enough." We could probably leverage a couple different initiatives that are going to launch as the current administration starts to form its cybersecurity strategy.