Mr. Sander Goes to Washington?

Mr. Sander Goes to Washington?

Originally published on LinkedIn: https://www.linkedin.com/pulse/mr-sander-goes-washington-jonathan-sander-bafre/


First, I have to disappoint you. When OpenPolicy brought me to DC to meet with members of Congress, I was not doing some dramatic, courtroom style testimony and being asked pointed questions by people in suits banging gavels. That would have been fun. I did wear a tie not too different from the pic above, though!

What did happen is honestly more interesting. The two days on capitol hill running between offices in and out of the Capitol itself taught me a great deal about how policy is really made.

Let’s do the name dropping. On our trip, we met with:

  • Rep. Eric Swalwell and his staff
  • The House Permanent Select Committee on Intelligence (HPSCI) member Rep. Jim Himes and his staff
  • The Committee on Homeland Security and Governmental Affairs (HSGAC) Staff
  • The Staff of Sen. Tom Cotton, Chairman of the Senate Select Committee on Intelligence
  • The Staff of Senator Angus S. King, Jr.
  • The Staff of Senate Minority Leader Senator Charles Schumer
  • The Senate Committee on Armed Services Senior Staff
  • The Staff of Sen. Eric Schmitt
  • The Cybersecurity and Infrastructure Protection Subcommittee of the House Homeland Security Committee (shout out to my fellow New Jerseyan Alexandra Seymour!)
  • The Staff of Sen. Mark Warner
  • The Staff of Sen. Ted Cruz

In other words, we talked with people from the whole political spectrum who are all influencing how the US government and all its functions affect everything from government spending on cybersecurity to guidance for the entire market (the entire world) through policy and standards set by NIST and more.

These conversations felt like normal tech meetings I’ve been in. Some were focused on the business and economic effects security would have on trends like AI adoption. Some were more into the details of how specific controls would hamper or accelerate technological maturity. Just like most tech meetings, some people were more well informed than others.

Rumors of the government being luddites are definitely exaggerated. Like any large, heavily regulated organization, they simply have to deal with many details in every move they make. The people I spoke with were no more or less well informed or passionate about progress in cybersecurity than any other audience I’ve had.

Of course, there was a great deal of focus on AI, agentic systems, and other AI powered platforms. A theme that emerged from the day was that many private, commercial firms are looking for - and failing to find - good guidance about how to best adopt AI. That lack of guidelines is slowing down adoption.

It’s a rare case where having some regulatory baselines would likely increase the speed of adoption in many respects. No one wants to adopt AI in a wild way which endangers their data, their systems, or their ability to execute as a business long term.

What was very encouraging is that no matter what politics, geography, or mission the people we met with were aligned to, they all seemed to genuinely want technological progress. It’s a truly universal issue.

There were funny moments where folks from one side of the aisle were asking us about the thoughts of those on the other. I couldn’t help but be reminded of the many times that, as a vendor, I’ve seen how we can build coalitions in big companies between teams that don’t have much communications internally. That willingness to work together on things that matter to everyone was the most interesting and encouraging thing I took away from the day.