On Thursday, September 18th, DMV Rising 2025 took place at the Virtru HUB in downtown Washington, D.C. Much like the continued growth of the DMV's cybersecurity ecosystem itself, the conference has evolved since its inaugural iteration in 2023. What started as a promising regional gathering has grown to a can’t-miss experience for industry leaders and innovators making pivotal decisions across D.C, Maryland and Virginia
With over 200 executive-level registrants pushing the attendance to full capacity, the exclusive event showcased four panel discussions that highlighted the scope of the region's cybersecurity landscape, from early-stage innovation to global market leadership. Each talk brought together voices from the DMV to share lessons learned and explore the critical challenges and opportunities defining the industry's future.
N2K CyberWire was again the lead media sponsor for DMV Rising, with producer and host Dave Bittner representing as the conference’s master of ceremonies.
Matt Howard, Chief Marketing Officer at Virtru, articulated the conference's core mission in his opening remarks, identifying three fundamental themes that define DMV Rising's purpose. First, the gathering serves as a celebration of cohorts and their collective successes within the DMV region's cybersecurity ecosystem. Second, it provides a forum for sharing knowledge on inherent challenges of building successful cybersecurity businesses—from developing initial ideas, building organizations, delivering solutions to customers, and actually solving complex problems in what Howard characterized as "one of the hardest industries to build within."
Most significantly, Howard emphasized the conference's role in reflecting on the potential of the region's cybersecurity leadership cohort. He acknowledged the DMV region's unique advantages, including access to Department of Defense and Intelligence Community ecosystems and talent pools, while posing a fundamental question: "Have we done, as an industry and community, everything we are capable of?"
The answer: Absolutely not. He argues that there's no reason the region can't reach even higher summits and improve its posture on the global cybersecurity stage—but emphasizing that such achievement requires community effort rather than individual action.
If you missed out this year, don’t fret; We’ve recapped each panel in detail.
The opening panel, moderated by Jennifer Bisceglie, CEO & Founder of Interos, brought together a lineup of early-stage leaders shaping the security landscape of tomorrow. Featuring Michael Edenzon, Founder & CEO of Fianu, Daniel Bardenstein, Founder & CTO of Manifest Cyber, Jason Kaplan, CEO of SixMap, and Zack Conord, VP of Corporate Sales at XBOW, this session tackled how security organizations should and should not use AI, vulnerability management, as well as key learning moments from each executive’s journey.
A recurring theme throughout the discussion centered on the importance of deep knowledge when building solutions in the cybersecurity space. Daniel Bardenstein emphasized this point, noting his team's advantage in understanding the problems they're solving: "We aren't 22 years old in Silicon Valley trying to put moustaches on cats with AI." This domain expertise, he argued, enables companies to identify and address real pain points rather than creating solutions in search of problems. Jason Kaplan echoed this sentiment, stressing the importance of finding a specific problem to solve rather than attempting to be a catch-all company—a common pitfall in an industry where "every company tries to say they do everything."
Later on in the discussion, an unfortunate reality was made apparent around public understanding of cyber catastrophes. Michael Edenzon pointed to major incidents like Log4j and SolarWinds, noting that "very few people can even explain what happened with them" and highlighting a general literacy problem where "people aren't learning from the attacks." Kaplan agreed, expressing concern about the "tremendous exposure" created by the general public's lack of cyber knowledge and understanding. This knowledge gap represents not just an educational challenge but a fundamental security vulnerability at scale.
Looking toward the industry's technological evolution, the panelists shared mixed but ultimately optimistic views on automation and artificial intelligence. Bardenstein candidly admitted to being "a bit jaded" about AI being "slapped on everything" but expressed hope for genuine innovation and true automation advancement. He argued that the market incorrectly views AI security as separate from existing infrastructure when significant overlap exists. Kaplan emphasized that for automation to succeed, "defenders need higher-fidelity data and faster updates so they can outpace the offender." Zack Conord of XBOW opined that truly agentic systems as the frontier where real innovation will emerge.
The discussion closed with insights around the complex relationship between market forces and security realities. Bardenstein offered an often-stated observation about market behavior following major incidents, joking that "after major cyber incidents, you buy on the dip,” his point being that the market doesn't reward resilience as it should. Conord noted a shift in organizational attitudes, observing that while security has traditionally been "a check-box thing for many companies," CISOs are becoming increasingly concerned about impending threats, the rapidly changing hacking landscape, and how their organizations could be impacted.
The second panel, hosted by Mishi Choudhary, General Counsel at Virtru, spotlighted founders who didn't simply enter existing markets, but forged entirely new categories. This session featured Mike Brown, Founder & CTO of Strider Intelligence, John Ackerly, CEO of Virtru, and Dave Merkel, Founder and CEO of Expel—all leaders who have successfully transformed revolutionary technical concepts into mature, successful enterprises. The discussion explored how each creator identified critical gaps that others overlooked, scaled their foundational innovations, and built companies that now set standards for the industry.
The panelists started off by exploring the idea that category creation presents a unique business challenge that goes far beyond traditional market entry strategies. Dave Merkel articulated this fundamental hurdle: convincing customers they need something entirely new requires acknowledging that "it didn't exist, they didn't know they needed it, or, this is better, and this is why they need it." Mike Brown pointed out how category creators often aren't competing for existing budget allocations—instead, "customers will need to allocate new budget just to buy your product." This point alone illustrates the educational and evangelistic nature of category creation, where founders must simultaneously build products and markets.
The panel consistently highlighted focus as the category creator's most powerful weapon. Brown described what his team called "the march to ten"—the critical journey to securing their first ten customers through hyper-focused problem-solving. He explained that creating a category is fundamentally "about believing something is wrong, and trying to fix it, and getting people on board with that mission-orientation." John Ackerly illustrated this with a powerful example, describing inadequate data sharing as a "pipe to the face" and pointing to how the U.S. government potentially could have prevented the 9/11 terrorist attacks with secure inter-agency data sharing capabilities. This intelligence failure inspired him and his brother/Co-Founder Will Ackerly to start Virtru.
Each speaker agreed that category creation demands a fundamentally different timeline than traditional business ventures. Ackerly described Virtru as "the overnight success that was a decade in the making," emphasizing the patience required when working to "fundamentally change the architecture of data security." He stressed that authenticity is crucial for category creation, advising founders to "not overpromise" and accept that progress may be incremental over extended periods. This long-term approach proved successful—while Virtru didn't fit into existing categories, Ackerly noted there was still strong interest in data-centric concepts, and persistence eventually unlocked enterprise-level investment.
The panel also unanimously emphasized the critical importance of analyst relations in category definition. Both Ackerly and Merkel stressed that category creation is fundamentally "a human game" requiring significant investment in analyst relationships to properly define and position new market segments. Brown shared an amusing but telling anecdote about Gartner's response to Strider Intelligence: "We have good news and bad news. The good news is, you're first. The bad news is, you're first, and there is nobody else"—bluntly verbalizing the challenge of operating in a space where traditional market analysis frameworks don't yet exist.
The talk wrapped up with a chat on both opportunities and obstacles specific to building category-defining companies in the DMV region. Brown pushed back against the misconception that D.C.-based companies are automatically government contractors, playfully expressing frustration that "it drives me insane every time!" when people make this assumption. He highlighted the region's valuable talent pool, particularly noting the abundance of bilingual workers and international relations expertise. However, Merkel identified significant challenges, including limited local capital ("a lot more money in California, and investors want you closer") and a more risk-averse local talent pool in comparison to Silicon Valley. Despite these challenges, Ackerly shared how he successfully avoided pressure to relocate Virtru to the West Coast for funding, demonstrating that category creation can succeed while remaining rooted in the region.
The third panel, moderated by John Funge, Venture Partner at Data Tribe, examined the dynamics behind Israel's thriving cybersecurity ecosystem. Featuring Yossi Appleboum, CEO of Sepio, Seth Spergel, Managing Partner at Merlin Ventures, and Stephanie Cherrin, Partner at JP Morgan Technology Ventures, this discussion exhibited experts with deep experience spanning both Israeli and American cybersecurity markets. The session focused on concrete approaches to technology transfer from government to commercial applications, military talent pipelines, investment network development, and the cultural transformations necessary to position the DMV region as the next global cybersecurity powerhouse.
Funge opened the session with a thought experiment, sharing ChatGPT's characterization of the two regions' cybersecurity cultures. The DMV region was described as "mission-focused, compliance-first, and federal," while Israel generated the labels "offense-minded, deep tech, and global." These distinctions, while simplified, captured fundamental cultural differences that permeate each ecosystem's approach to innovation and business development.
The panel extensively explored Israel's mandatory military service as a cornerstone of its cybersecurity dominance, particularly focusing on Unit 8200, the Intelligence Corps unit of the Israel Defense Forces. Yossi Appleboum provided insight into the unit's unique structure, describing how "they create a startup, within a startup, within a startup. Eventually, you have your own business inside the unit." Stephanie Cherrin emphasized the scale and selectivity of this system, noting that "Unit 8200 is larger than the Navy" and describing it as "the greatest HR challenge I can think of" due to the government's ability to recruit from the entire country's service-aged population. This systematic approach to identifying and developing talent creates a pipeline that Seth Spergel noted doesn't exist in the U.S., affecting the talent transition from public-sector service to private-sector employment.
Another central theme that was discussed at length was how constant existential threat drives unprecedented innovation, creative problem-solving, and urgency. Cherrin articulated this dynamic powerfully, explaining how having "the safety of your fellow citizens on the line enables fast-paced decision making" and how Israelis are under "existential pressure, not just 'what will my investors think?' pressure." The high-stakes context creates what Appleboum described as intensified motivation among Israeli entrepreneurs.
Funge noted that the discussion would be incomplete without acknowledging the ongoing regional conflict in Israel and Gaza. Panelists discussed the implications of the October 7th terrorist attack on Israel's cybersecurity ecosystem. Rather than dampening innovation, both Appleboum and Cherrin predicted an explosion of technological advancement. Appleboum expressed optimism that the crisis would ultimately lead to "tons of new technology that will be good for all of us," while Cherrin noted increased urgency among Israeli youth to solve problems and innovate as a direct result of the regional conflict.
The discussion ended with Spergel, as the panel's only non-Israeli, sharing a sense of "team" among Israeli entrepreneurs, attributing this to shared military service and a "can't-fail" attitude that he hasn’t observed in other cultures. He shared the opinion that their military background creates natural networks and trusted relationships that facilitate rapid business formation and partnership development.
The final panel, led by Vikram Singh, Senior Vice President at West Exec Advisors, showcased the radical transformation reshaping the defense technology landscape as traditional prime contractor dominance gives way to agile innovation. It featured Charlie Katz, Managing Partner at King & Spalding, Seanna Senior, Sr. Vice President of Product at Govini, and Jennifer Bird, Senior Director of Global Defense at Anduril. The panel explored how relatively new-on-the-block companies are securing major contracts, attracting unprecedented investment levels, and introducing Silicon Valley-speed development cycles to national security challenges, essentially rewriting the rules of engagement in a sector historically resistant to change.
Singh opened by highlighting the Department of Defense's fundamental strategic pivot toward a commercial-first approach, emphasizing the growing centrality of software in modern defense capabilities. This shift represents a departure from traditional acquisition models, creating space for innovative companies to directly address defense challenges. Charlie Katz, drawing from his legal perspective and experience dating back to 9/11, described the evolution he's witnessed firsthand: historically, "so much money went into primes and system integrators," who dominated government solutions, while smaller organizations handled niche issues that primes considered insufficiently lucrative. The transformation has seen these same large companies now actively seeking solutions and products they can provide to government clients, creating unprecedented growth opportunities.
The panel dove into how technological acceleration and complexity are forcing structural changes in defense contracting. Katz emphasized that while "larger primes are always going to be there," the rapid pace of technological change has created opportunities for innovative companies to support modern warfighters. This evolution demands greater agility across the board: "Everybody has to be a little more nimble. The procurement process has to be more nimble." He cited the Golden Dome initiative as exemplifying how collaboration between traditional and new players is becoming essential, noting that such projects are "way too big for one organization to handle."
Seanna Senior highlighted a critical gap in the defense technology ecosystem: while primes build "exquisite platforms," there's often inadequate software to effectively utilize these systems. This creates acute problems across the defense acquisition landscape, where advanced software solutions are increasingly necessary. Senior also identified data access as a fundamental roadblock for smaller companies, explaining that while data security is paramount, current restrictions create unnecessary entry barriers. She advocated for solutions that "keep the process secure but remove some of the burden," which would represent a transformative change for emerging defense tech companies.
Jennifer Bird's account of Anduril's explosive growth—from 1,400 to over 6,000 employees in just three years—illustrated both the opportunities and risks facing new defense tech entrants. She described overcoming initial skepticism about Anduril's technology through consistent performance and credibility-building. Bird talked about how programs like Replicator and JADC2 succeeded because they had "actual funding identified and executed on," demonstrating the Department of Defense's commitment to meeting industry capabilities where they exist rather than forcing adaptation to antiquated procurement models.
Later on, a theme emerged around transforming acquisition methodology from traditional requirements-listing to problem-solving approaches. Bird emphasized how this change enhances competition and innovation. This shift also enables companies to leverage their core competencies rather than conforming to rigid specification frameworks, potentially accelerating solution development and improving outcomes for warfighters.
The discussion wrapped with Singh introducing a noteworthy economic perspective, pointing out that from a historical perspective, the U.S. is spending a lower percentage of GDP on defense than it did in the 1980s, for example. This observation raised questions about the sustainability of current growth trajectories in defense technology investment, as well as the element of M&A. The financial sector's concerns about potential budget contractions create uncertainty about whether the current expansion in defense tech opportunities will continue or face limitations based on fiscal constraints, adding a strategic planning dimension to the innovation discussion.
DMV Rising 2025 showcased not just the current strength of the region's cybersecurity ecosystem, but more importantly, its trajectory toward global leadership. The conversations across all four panels reinforced the opening challenge about unrealized potential—while the region has achieved remarkable success, the collective wisdom shared throughout the day made clear that this is only the beginning.
From the early-stage innovators tackling fundamental security challenges to the category creators reshaping entire markets, from the insights gleaned by Israeli innovation culture to the defense tech disruptors rewriting government acquisition, each discussion pointed toward the same conclusion: the DMV region possesses unique assets that, when properly leveraged through community collaboration, position it to become an even more impactful global cybersecurity hub. The path forward requires exactly what this conference exemplifies—bringing together diverse perspectives, sharing hard-earned lessons, and maintaining the collective ambition to reach those higher summits.