25 June 2025
By Renny McPherson, Managing Partner of First In
At First In, we invest in security technologies that matter. Firepower, hard power, and major weapons systems still count, despite hand wringing to the contrary. That said, we all need to be more aware than ever of the asymmetric opportunities present to those who wish to disrupt the United States and the world order.
The assumption that we are buffeted from threats due to our geography — between two broad oceans in the United States – was ruptured by nuclear threats decades ago. More recently, 9/11 terror attacks and then the scourges of cyberattacks and ransomware have made it clear to Americans that threats can and do impact the homeland. The most recent asymmetric threat is the use of unmanned aerial systems (UAS), in use across conflict zones in the Middle East and the eastern European front. It does not take much creative thought to envision the impact of armed drones and/or kamikaze drones sewing discord and terror in the US.
Conflict involves asymmetry. But the tools of asymmetry evolve. The asymmetric threats we face emerge from code, commercial hardware, cloud software, and unmanned systems. These systems can be exploited faster than institutions are able to defend them.
Three core themes shape how we invest in this environment.
First, most technology is not built secure. This is not just a design flaw. It is a foundational vulnerability. Whether it is a smart bomb, a commercial drone, a medical device, or a modern fighter jet, software is now deeply embedded in every system. And in nearly every case, security to defend the software is bolted on later if at all; it is not built in from the start. That leaves gaps adversaries can observe, infiltrate, manipulate, and degrade systems. It creates an opportunity space for attacks.
Companies need to build security into their technology stacks. Given how rare this is, founders have ample opportunity to build companies that enable security for our modern systems.
Second, everything is connected. Work devices run on home networks. Personal phones connect to corporate clouds. Smart homes share infrastructure with sensitive data environments. The entry points for compromise have expanded faster than traditional security models can adapt. The exposure goes beyond our digital lives. Americans are experiencing real world anxiety about the reach and impact of threats that were until recently, only the concern of national security professionals.
The gray zone of conflict has many shapes and forms. A hospital can be shut down by ransomware. Maybe that hospital is near a military base. Maybe it’s a warning shot, a deliberate act to disrupt a community of servicemembers. Maybe it was just a target of opportunity. In any of these cases, it has an impact. A water treatment facility can be compromised from across the world. A swarm of drones can strike an airport, a sporting event or a refinery. The tools to cause widespread disruption are cheaper, smaller, and more available than ever.
We need creative approaches to disrupt, deter, and identify those who wish to do us harm. Founders with deep domain expertise are valuable but so are founders with fresh perspectives to apply to security.
Third, asymmetric threats evolve quickly. Commercially available and easily repurposed technologies have shown the power of asymmetric approaches in the past few years. As happens frequently, necessity is the mother of invention, and tools built for crises and combat, proliferate to gray zone conflict. Specifically, unmanned aerial systems have had incredibly fast cycles of innovation, as the necessity for asymmetry to attack adversaries has led to advances in both the Ukraine / Russia theater as well as across the middle east in recent and ongoing conflicts in that region. Similar to cyber attacks and their ongoing dramatic effects over the past 15 years, it’s not a far reach to think that drones can and will be used more regularly outside of combat zones in the coming years. Attribution will remain a challenge. The operational and societal consequences are far-reaching.
The speed at which tools like AI-enabled malware, drone platforms, or bioengineered viruses can be deployed is outpacing our ability to manage them. In this environment, physical borders offer less protection. The threats arrive without warning, without uniforms, and often without attribution. There is a pressing need for founders who embrace speed in iterating and testing their products.
This is the new operating reality. It demands a breed of security leaders who are resilient and relentless. Perhaps most importantly, they will need to communicate the vital importance of their offerings, which often will necessitate new budget lines from industry and from government. It won’t be easy, because these founders need to think, communicate and actualize their offerings both strategically and tactically.
We are systemic security investors. Asymmetric threats and attacks will continue to impact our systems, organizations, and society. We invest in founders who are building with urgency and clarity; we invest in those who see the field clearly for what it is. Who are comfortable with ambiguity. Who are called to this work. We are not looking for academic solutions or policy frameworks. We are looking for functional products that can harden systems, detect threats, or create real deterrence.
If you are a founder building with this mindset, understanding both the scale of the threat and the complexity of the solution space, we want to hear from you.