Today’s battlefield is no longer confined to land, sea, or air—it’s a fully interconnected, multi-domain arena spanning space, cyberspace, information, economics and more. As the United States redefines its defense, intelligence, and industrial strategies to meet this evolving threat landscape, both government and traditional defense players are increasingly turning to the venture-backed innovation ecosystem to stay ahead of the curve. Achieving peace through strength requires our warfighters to rely on modern software and software-defined weapons platforms necessitating reform within the government bureaucracy, as outlined by the Atlantic Council’s Commission on Software-Defined Warfare. 

Although there has been much discussion about why modernization is necessary and what needs to change in the system, far less attention has been given to how to build in defense tech. We believe the most challenging part of creating lasting technologies in this space is figuring out how, because the national security and defense tech sectors operate with dynamics that are unfamiliar to the traditional startup and venture capital world.

As we look to help companies navigate these considerations, we recently formed the General Catalyst Responsible Defense and Risk Committee, led by Brigadier General Rich Gross (former legal counsel for the Chairman of the Joint Chiefs of Staff) and Andy Makridis (former Chief Operating Officer of the CIA). This committee works alongside our investment team and the General Catalyst Institute (GCI) to strengthen our national resilience by backing transformative technologies and shaping public policies that advance mission impact. 

A Playbook for the Pace of Relevance

We recently sat down with some of our portfolio companies to discuss how to build for national security. These conversations focused on lessons learned in how to build the right way, a playbook to help activate the ecosystem. Here, the typical tech VC approaches of metrics-driven and customer-driven playbooks are not the appropriate indicator of success. The real customer is the mission—it is the mission that dictates the operational and technology requirements, which is unfolding in real time. The critical metrics are now around operational effectiveness, including survivability, lethality, manufacturing capacity, cyber vulnerability, supply chain security and resilience. The overall efficiency in bringing these technologies to market at the speed of relevance, coupled with using that technology legally, morally, and ethically to gain the warfighter’s trust, is in fact a competitive advantage.

Following our conversations, five key themes emerged:

1. Ownership of the mission
2. Be transparent about ethics and values 
3. Start small to go fast
4. Keep a systemic mindset 
5. Manage risks intentionally 

Companies building in this space must deeply understand and respect the responsibility of building tools that support our Nation’s most critical missions. Few tech companies create products used by individuals who willingly risk their lives to deploy them. This is serious work, with real-world consequences.

1. Ownership of the mission

Most tech innovators focus on customer-centricity, delivering fast, efficient solutions. That model works well in the private sector, but not always with the DoD or IC, which operate within complex, often opaque, regulatory and acquisition systems. While tech companies prioritize speed and agility, DoD and IC teams are structured for caution and reliability in support of a no-fail mission. While both sides recognize the need to modernize our national security architecture, this mismatch in pace and perspective can lead to frustration, blame and stalled collaboration. As a result, critical technologies may be delayed in reaching the hands of the warfighter in an evolving battlefield, negatively impacting the broader national security landscape.

Everyone agrees that delivering modern technology for national security is paramount. Instead of assigning blame or criticizing regulations, companies should take ownership when things go wrong by adopting a mindset that the responsibility lies with them, not the government. Regulatory challenges can be viewed as opportunities to engage constructively, and work with the government and policy makers to reform bureaucratic processes. Building trust and showing empathy for government partners navigating the bureaucracy themselves can help companies find champions who know how to get things done. They too are focused on the mission.

Key Lesson: Extreme ownership and belief that “the customer is always right—thus everything is our fault,” while approaching the buyer with empathy, will unlock not just near-term business opportunities but also shape future requirements. Look at regulatory challenges as an opportunity to constructively engage with your buyer.    

2. Be transparent about ethics and values

In a market where technologies have profound consequences, national security tech companies are finding success through a forward-leaning approach in development of their corporate values and how to engage in ethical debates. Clarity around these processes has become a strategic advantage to attract and retain talent, because best-in-class engineers building these products have a belief around how technologies could, or should, be used. Employees often want to feel they are a part of the process, even if the ultimate decision doesn’t go their way.

To build trust with their government partners, just as they do with their investors, founders and innovators must be transparent about the capabilities and limitations of the systems they build, and a process to sell them legally, morally, and ethically. This can be achieved via intentional governance but there must be a process; it cannot be arbitrary. For example, survivable, effective autonomous systems that employ kinetic weapons or deliver non-kinetic effects en masse have become highly sought-after on the modern battlefield by a variety of actors. 

Tech knows no borders, but its misuse can have global consequences. Selling to the wrong customers can carry serious legal and reputational risks. These systems can operate with minimal human intervention, raising questions around the necessary level of human involvement and decision making for who employs them. These issues are typically framed as humans in-, on-, or off-the-loop and raise issues around rules of engagement, command responsibility, technical sovereignty, and the responsibility of the company versus the government customer. 

Transparent internal practices and clear values help companies build trust with government partners. Pairing a bold vision with honesty about current capabilities can lead to strong partnerships, enabling security clearance sponsorships, product roadmap improvements, novel mission payload integration, and involvement in discussions around desired future capabilities.

This trust starts with recruiting, where companies should address ethics, controversial technologies, and responsible development. Accountability and transparency are essential as the U.S. and its allies pursue technological superiority while upholding our democratic principles.

Key Lesson: The best and brightest minds want to work for companies that “do good while doing well.” Adopting processes to foster moral, legal, and ethical decision making has become key to attracting and retaining top talent from across all industries, increasing the diversity of thought from those with experience outside of the defense sector, and expanding what is possible technologically that can shape tomorrow’s mission. Industry leading companies engage their entire team in frequent and robust discussions on values, ethics, and morals—what right looks like.

3. Start small to go fast

While the list of needs across the national security space is plentiful, a single startup cannot address them all. Bottom-up, product-led growth is challenging in any market, but this is especially true within defense and national security related tech. Often, access to the end-users with true understanding of the needs and operational environment is limited. However, this doesn’t require a large team to overcome. Companies such as Vannevar Labs achieved initial “product-market fit” with only two engineers and three mission / use case representatives. Anduril has several counter-Unmanned Aircraft System (c-UAS) programs that were started with minimal engineering and mission representatives that were able to win contracts in months. This extends to other companies as well, such as Onebrief and TurbineOne, and is a lesson that holds true for all startups building for national security. It is critical to pair deep domain expertise with lean engineering teams that are able to access those end users who are close to the mission requirement. 

Rapid iteration is also critical to a company’s business model, and the government as well. In a recent blog, The Valinor Model, Julie Bush shares her optimism around taking lessons from successful corporations (like Palantir, Berkshire Hathaway and Constellation Software), creating a “hub-and-spoke” model that provides them the flexibility to go after many small to medium-sized opportunities relevant to the warfighter and public servants. These mission-essential tools may not fit neatly into the traditional VC-backed model but are important to mission success. This allows Valinor to not only develop new products quickly and efficiently, but also acquire other products, to meet known customer needs and deliver them at scale.        

Key Lesson: Small cross-disciplinary teams of engineering talent and those with deep domain expertise, empowered by an agile business model, will allow companies to quickly ship products that address some of the Agency’s or Department’s most pressing needs.

4. Keep a systemic mindset

A significant challenge many startups face is how to maintain agility and the requisite depth of knowledge, when facing the vast and complex structure of the U.S. government. Given the mission’s broad scope and importance, many within this bureaucratic machine are solely focused on executing their specific function. We believe mission success depends on breaking down the silos of many distinct roles—end users, acquisition professionals, tactical and strategic planners, logisticians, equipment maintainers, IT personnel, and communications staff—so all can work efficiently. Startups must understand how these functions interact to build a holistic approach, sharing insights across teams based on engagements with government stakeholders.

In simpler terms, companies that successfully scale are able to manage multiple independent relationships across the entire system. In doing so, it is possible to inform alignment with the Agency’s or Department’s broader systemic processes and also identify opportunities not broadly known.

Key Lesson: Small teams must take a systemic approach to fielding products for national security to increase the likelihood for alignment between operational needs, logistical and maintenance schedules, acquisitions and budgetary processes, training requirements, and overall command approvals.

5. Manage risks intentionally

Companies must actively identify and manage both known and unknown risks, while recognizing the danger of complacency and unnecessary risk-taking. These risks span operational, financial, legal, and ethical dimensions, ranging from accidental harm caused by technology to the long-term consequences of foreign policy shifts. Furthermore, in this complex environment, rigorous, modern testing and evaluation of both hardware and software systems is essential to mitigate risks and ensure resilience in the field.

Effective risk management starts with a clear process for deciding which countries, governments, and customers to engage. Companies are responsible for understanding and complying with international laws, including the Geneva Convention, Hague Regulations, and export controls. Competent legal counsel is essential. This goes beyond political labels as well, as no single index or regulatory framework offers all the answers. Instead, companies should use diverse data sources and consult with employees, industry peers, and government experts.

At General Catalyst, we provide resources to help companies navigate unfamiliar areas, including how to engage with the government. Additionally, protecting classified information, supply chains, and digital infrastructure is critical. Companies must adopt cybersecurity best practices (e.g., encryption and access controls) to defend against IP theft, commercial espionage, and cyberattacks.

Key Lesson: To compete against new entrants and legacy incumbents in the defense tech market, founders can leverage their understanding of the applicable regulations as a strategic advantage, while ensuring compliance and positioning the company to win government business.    

Startups competing for government business in the national security and defense space must do more than build great tech. They need strong ethics, smart risk management, and top-tier talent. National security is not just about products. It is about maintaining technological superiority and sovereignty. Embedding ethics and risk management into the foundation of a company, along with an agile business model, allows small teams to deliver impactful technologies at the pace of relevance.