鈥楲iving off the land鈥� doesn鈥檛 mean what it used to
鈥淓veryone, please click on your [software] update right now.鈥�
Those words 鈥� from the Hoover Institution鈥檚 Stephen Kotkin 鈥� were a public-service announcement, delivered partly in jest, during a 2025 SIEPR Economic Summit session on military defense and national security in the AI era.
鈥淲e鈥檙e in a period of tremendous upheaval because of the degree of vulnerability we have now, where everything is interconnected, and the military industrial complex isn鈥檛 a place, it鈥檚 software,鈥� said Kotkin, who moderated the session.
鈥淎 teenager in the basement who doesn鈥檛 use shampoo and is just having fun can get into a [top-secret] lab,鈥� he said. Or, into 鈥渟mart鈥� home appliances: 鈥淢y refrigerator [didn鈥檛 used to be] a source of vulnerability.鈥�
The insights from the session鈥檚 panelists 鈥� all with insider perspectives from the front lines of national security 鈥� were just as sobering (thankfully, the cocktail reception was next on the Summit agenda). At a time of heightened geopolitical tensions, the risks of a cyberwar that cripples critical infrastructure 鈥� whether it鈥檚 China attacking the U.S. or the U.S. going after Russia 鈥� has never been higher, they agreed.
鈥淐hinese hackers are now 鈥榣iving off the land鈥� [in the U.S.],鈥� warned panelist Nicole Perlroth, a former New York Times cybersecurity reporter who previously served on a Department of Homeland Security advisory committee and is now a venture partner at Ballistic Ventures. 鈥淭hey don鈥檛 hack in anymore; they log in. They鈥檙e just there and they stay there in the event they鈥檇 have to do something one day.鈥�

What this and other military threats mean is that defense is no longer about 鈥済oing from one point of capability to another point of capability,鈥� said Arati Prabhakar, who served as science and technology advisor to former President Joe Biden and previously led two federal research and development agencies. 鈥淵ou now need to be on an escalator 鈥� always able to iterate and get better and faster.鈥�
The promise of public-private partnerships
There鈥檚 good news on that front, according to Raj Shah, a onetime F-16 fighter pilot who previously directed the Pentagon鈥檚 Defense Innovation Unit, which works to bring commercially developed technology for military defense, and who is now a venture capitalist.
By Shah鈥檚 calculation, venture capitalists a decade ago were pouring at most $300 million a year into companies whose products and services had national security implications. In the last three years, he said, that figure was $140 billion.
鈥淵ou鈥檙e seeing this massive trend that will continue,鈥� Shah said.
Other panelists were equally bullish on the role that the private sector can play in fortifying national defense. Perlroth recalled how companies rallied to help root out Russian malware that could cripple Ukraine when the war between the two countries started two years ago.
鈥淲e always talked about these hurdles and silos to public-private collaboration,鈥� she said. 鈥淭urns out, all you need is a Slack channel.鈥�
One of most effective defenses against an enemy cyberattack is simple and 鈥渟uper boring,鈥� Perlroth said. 鈥淧atch your software; run your updates.鈥�
Panelists said that Congress will likely have to step in to require companies to comply with basic security protocols. There鈥檚 a role, too, for private markets. For instance, a company that Shah co-founded, called Resilience, sells cyber insurance that requires regular monitoring of policyholders鈥� digital security systems. If the policyholders aren鈥檛 staying up to date, the potential insurance payout if they get hacked falls sharply. Why is this a good idea? Because, Shah said, the challenges in combatting cyberattacks 鈥� whether from criminals or adversaries 鈥� are not so much technology problems. 鈥淭hey鈥檙e behavioral problems,鈥� he said.
Highlights of the 2025 SIEPR Economic Summit
Photos by Ryan Zhang.