When the Clocks Don't Match: Rethinking Cyber Resilience at GovSummit 2026

Every system in government exists to serve someone—a veteran filing for benefits, a taxpayer expecting a refund, or a caseworker racing against a deadline. That principle anchored my keynote session at Splunk GovSummit 2026, where I had the privilege of sitting down with Simplex Founder, Chad Smith. Together, we explored a critical reality: the biggest security failures aren’t born from technology alone. They stem from the widening gap between the speed of technological advancement and the ability of our institutions and people to absorb that change.

The Clock Mismatch

During the session, I introduced a framework I call the "clock mismatch." It’s the idea that every organization operates on four distinct clocks, each ticking at a different tempo:

• Machine Clock: Automated telemetry and AI-driven processes, moving at exponential speed.

• Human Clock: Analysts investigating, coordinating, and reporting, moving at the speed of days and weeks.

• Institutional Clock: Policy updates, procurement cycles, and regulatory changes, operating at the speed of months and years.

• Biological Clock: Cultural and generational shifts, which move the slowest of all. This is where trust is built.

AI hasn’t accelerated any clock other than the machine clock. Your adversary operates at generative speed, yet your institution still makes decisions at institutional speed. That delta is exactly where adversaries do their damage, and it’s where the citizens government serves ultimately fall through the cracks.

Start With the Decision

To close this gap, I challenged the audience to rethink their approach to data. Most teams start by collecting everything they can and then searching for insights. I argue for the opposite: start with the specific decision you need to make, then work backward to the minimum signal required to support it. Everything else is just a storage cost.

I view Splunk as the "gasket" between the machine clock and the human clock. It isn't just a data lake or a dashboard; it’s a structural translation layer that allows two systems moving at different speeds to stay connected without breaking.

Insights from the Front Lines: Chad Smith

Chad Smith brought a vital practitioner’s perspective to the stage. As Simplex Founder and virtual CISO, he protects a state filled with high-value targets, from the U.S. Space Command to naval shipbuilding facilities.

Chad’s approach to prioritization is rooted in "inversion thinking"—borrowed from Charlie Munger. Instead of asking what to protect first, he asks how he would guarantee failure if he were the attacker. He has embedded this mental model into his team’s development, using AI to challenge his analysts’ reasoning and pushing them to think critically rather than just executing playbooks.

One of the most memorable moments of our discussion came when Chad compared cybersecurity to a long-term marriage. After 30 years, you know your spouse’s baseline so well that you can sense when they’re having a bad day without asking. We need to understand our business operations to that same level. When you truly know your terrain, anomalies become obvious because you know exactly what the "baseline" is supposed to feel like.

A Call to Action

I closed the session with a photo I’d taken outside our hotel—a street sign that read, “Taking action is a risk. Not taking action is a bigger risk.” I challenge you to adopt thinking that cuts through the noise. Invest deeply in those around you and align your pace with the modern mission. As Chad and I discussed, technology is merely the instrument—service is the objective. Computers can only take us so far. It is our people who will take us the rest of the way. Whether you are securing critical infrastructure or delivering citizen services, Cisco and Splunk are committed to providing the AI-native, compliant, and unified solutions you need to succeed.

Don’t let the momentum stop here. Watch my session along with the keynotes and breakout sessions to equip your team for what’s next or reach out to a representative to discuss how we can help your agency bridge the gap between institutional and generative speed.