Epirus & Galvanick CEOs on the Future of Defense & Cyberattacks
Timestamps are as accurate as they can be but may be slightly off. We encourage you to listen to the full context.
Podcast Summary
This compelling Sorcery podcast episode features two fascinating interviews with defense technology leaders at the Reindustrialize conference in Detroit. First, Andy Lowry, CEO of Epirus, discusses their revolutionary "force field" technology that uses electromagnetic interference to neutralize drone swarms - addressing what he calls the "sixth domain of warfare" where cyber attacks become physical. (02:24) The second interview features Joshua Steinman, former White House National Security Council member and CEO of Galvanic, who provides deep insights into operational technology cybersecurity and his experiences working directly with President Trump. (23:56)
- Main theme: America's critical need to reindustrialize and develop innovative defense technologies to counter emerging threats, particularly from China's mass production capabilities and sophisticated cyber warfare tactics.
Speakers
Andy Lowry
Andy Lowry is the CEO of Epirus, a defense technology company he leads that was founded in 2018 by engineers from his former team at Raytheon. At Raytheon, he worked on the Next Generation Jammer project, a long-range standoff electronic attack system that utilized gallium nitride phased arrays. His experience spans traditional defense contracting and Silicon Valley innovation, having managed multiple aerospace manufacturing facilities and worked with teams from companies like Rivian and Waymo.
Joshua Steinman
Joshua Steinman is the CEO and founder of Galvanic, an operational technology cybersecurity company. His remarkable background includes two tours in Iraq as a Navy sailor, four years at the White House National Security Council under President Trump where he owned cyber, telecom, supply chain, and crypto policy, and extensive experience at the intersection of emerging technology and national defense. He spent a summer in high school studying Al Qaeda and writing extensively about it - ironically, the summer before 9/11.
Key Takeaways
Embrace the "Product Company" Mindset in Defense
Traditional defense contractors are too coupled with customer requirements and lack independent thinking, according to Lowry. (03:18) New "neo primes" like Epirus, Anduril, and Palantir operate as product companies, focusing on capability gaps rather than just requirements. They invest their own capital ($200 million in Epirus's case) to build systems and prove their value before selling them. This approach allows for faster innovation cycles similar to Silicon Valley, using methods like EVT/DVT/PVT (Engineering/Design/Production Verification Testing) instead of traditional waterfall development processes. (12:17)
America Must Leverage Its Technical Advantages, Not Just Play "Me Too"
While China can build 60 million drones per year compared to America's 50,000, Lowry argues America shouldn't just try to match China's mass production. (06:01) Instead, America should leverage its core strengths: being "underdog comeback kings" with superior technology in radars, phased arrays, and gallium nitride systems. The key is taking knowledge from the military-industrial complex and applying it to commercial off-the-shelf (COTS) systems with Silicon Valley design principles. This strategy transforms America's traditional defense expertise into more accessible, scalable solutions.
Network Segmentation is Critical for Industrial Security
Steinman emphasizes that most industrial facilities run email and production systems on the same network, creating massive vulnerabilities. (44:18) If someone visits a malicious website on their work computer, attackers can gain direct access to CNC machines or robot arms. Companies must implement network segmentation as the foundational defense, separating IT systems from operational technology (OT) networks. Before implementing proper monitoring, companies rely on paper logbooks to track external access - a completely inadequate security measure for modern threats.
The "Sixth Domain" Requires One-to-Many Defense Strategies
Traditional warfare domains (land, sea, air, space, cyber) have evolved into a sixth domain where cyber systems become physical - drones, robots, and autonomous systems. (04:44) This creates swarm-like attacks similar to software viruses, where thousands or hundreds of thousands of physical cyber systems can overwhelm traditional one-to-one defenses. Companies need defense systems that can handle multiple simultaneous threats, just like antivirus software protects against many viruses at once. Single-target defense systems simply won't scale against mass drone attacks or robot swarms.
Real-Time Industrial Monitoring Replaces Manual Investigation
Traditional industrial cybersecurity investigations can take weeks or months, requiring non-technical personnel to manually collect data from remote facilities. (36:06) Galvanic's system replicates the work of entire analyst teams, auto-generating investigations in 2-5 minutes instead of weeks. The platform provides granular, real-time visibility into industrial networks, immediately detecting suspicious activities like strange laptops being connected, unusual website communications, or credential extraction attempts. This technological leap is essential because fewer than 10,000 Americans currently do OT cybersecurity work. (37:08)
Statistics & Facts
- China builds approximately 60 million drones per year compared to the US building only about 50,000 drones annually, representing a massive production disparity that highlights America's manufacturing challenges. (06:01)
- CrowdStrike is valued at $100 billion for securing IT systems, while operational technology (OT) cybersecurity has almost zero comparable investment, revealing a critical gap in industrial security funding. (34:51)
- Fewer than 10,000 Americans currently work in operational technology cybersecurity, according to a White House-chartered study, creating a severe talent shortage for protecting critical infrastructure. (37:08)
