It didn’t take long before discussion about technology and national security Wednesday turned to this week’s Taliban violence on a Pakistani teenager.

“When reached by cell phone the Taliban claimed credit,” said Google Chairman Eric Schmidt referring to critically-injured Malala Yousufzai. “We know their phone number? Hmm. Why don’t we know where they are?”

There was no answer. But after more discussion it was clear that he, former federal CIO Vivek Kundra and former CIA Director Gen. Michael Hayden agreed civilization hasn’t kept pace with the proliferation of devices and networks.

They took the stage at the National Military Family Association 2012 Leadership Luncheon in Arlington, Va. to offer insights on technology’s impact on national security and military communications.

Schmidt intimated cyber war could be closer than anyone thinks. Yet identity, privacy rules and cultural resistance still complicate the technological landscape and cybersecurity ability.

“You and I haven’t caught up culturally with the capabilities of information technology,” Schmidt said. He also said that when it comes to privacy and security, “you are in charge, but we need to make sure your information is secure whether it’s the Chinese who attack us or someone else. … There are a fair number of situations where governments will be in cyber war and not physical war.”

Schmidt later said: “It appears the Iranians are going after banking systems. But it probably doesn’t have the momentum to lead to a broader conflict.”

However, in a private interview after the luncheon Hayden said cyber war is certainly possible.

“I don’t mean to downplay it at all,” he told Breaking Gov. “My entire life has been working backward from the needs of security. This conversation began at the other end. Professionally, I come at it from the question of ‘Man, you guys didn’t build this very well, you didn’t bake security in, trust is implicit, security is an afterthought, all of the advantage goes to the attacker. You’ve really created quite a mess here.’”

He also agreed with Schmidt.

“We have to answer these cultural questions,” Hayden said. “We have not decided as a people…what it is we want the government to do to defend us in in this cyber domain or what we will allow the government to do.”

He added: “General Alexander will tell you he’s got capacities that he can’t play because he doesn’t have policy or legal guidance.”

The conundrum leaves the responsibility to private industry, said Kundra, currently an executive vice president for Salesforce.com. It “can do in months what the government can’t do in years,” he said during the lunch discussion. “There is a huge technology gap that needs to be addressed.”

Schmidt said he’d like to see stronger identity capabilities on the Web as well as via mobile devices to capture criminals such as those who shot Yousufzai in the head.

“I’m not suggesting anonymity completely go away,” Schmidt said. “But having a better idea of who you’re dealing with would make systems safer.”

Hayden said leaving cybersecurity to private industry is risky and that solutions may not be transferrable.

“Fundamentally, we’re talking about protecting both our security and our freedom,” he said. “There are countries … who want to move in a direction in the name of security to turn this … into a balkanized network. If we don’t figure this out we may advocate the field to others who are fundamentally opposed to it.”