CyberWire Daily - Richard Clarke: From presidential inspiration to cybersecurity policy pioneer. [Policy] [Career Notes]
Episode Date: November 8, 2020CEO and consultant Richard Clarke took his inspiration from President John F Kennedy and turned it into the first cybersecurity position in federal government. Determined to help change the mindset o...f war, Richard went to work for the Department of Defense at the Pentagon following college during the Vietnam War. From Assistant Secretary of the State Department, he moved to the White House to work for President George W. Bush's administration where he kept an eye on Al-Qaeda and was tasked to take on cybersecurity. Lacking any books or courses to give him a basic understanding of cybersecurity, Richard made it his mission to raise the level of cybersecurity knowledge. Currently as Chairman and CEO at Good Harbor Security Risk Management, Richard advises CISOs. We thank Richard for sharing his story with us. Learn more about your ad choices. Visit megaphone.fm/adchoices
Transcript
Discussion (0)
You're listening to the Cyber Wire Network, powered by N2K. and VPNs, yet breaches continue to rise by an 18% year-over-year increase in ransomware attacks
and a $75 million record payout in 2024. These traditional security tools expand your attack
surface with public-facing IPs that are exploited by bad actors more easily than ever with AI tools.
It's time to rethink your security. Thank you. Learn more at zscaler.com slash security.
This is Dick Clark. I'm the CEO of Good Harbor Security Risk Management.
I grew up at a time when John Kennedy was president.
And his call to ask not what your country can do for you, ask what you can do for your country resonated a lot with me.
And so I think from the very beginning, I wanted to serve in government, to serve in the federal government.
I remember going to the White House as a kid, standing outside and saying to my father,
I'm going to work there.
Well, when I got out of school, the Vietnam War was still raging. It was the number one issue that had dominated my life as an undergraduate.
And I made a counterintuitive response to that.
I decided I wanted to go work in the Pentagon.
My reason for thinking that way was,
if only people who wanted to have wars,
if they were the people who populated the Pentagon,
then we would always have more wars.
If they were the people who populated the Pentagon, then we would always have more wars.
But if we had people who believed in alternatives to war, it might make a difference 20 years later.
And so I put my sights on the Pentagon and I lucked out.
I got a management trainee job, management internship job, in the office of the Secretary of Defense.
I got to the White House from the State Department. I had been an assistant secretary. So I went to the White House at a fairly high level in the Bush administration.
Almost from the beginning,
I thought we were not paying enough attention
to a new phenomenon that I smelt, I detected,
and some other people did too.
And that phenomenon turned out to have a name,
and that name was al-Qaeda.
So I always kept al-Qaeda under watch,
beginning, oh, probably in 1992.
In 1997, they added to my portfolio this new thing called cybersecurity.
And when they insisted I take it on as an additional responsibility,
I tried to learn about it, tried to get books on the subject. And there really were not any good books then that were an introduction to the topic.
And so I used the fact that I was a special assistant to the president to call up Microsoft and Cisco and Symantec and the big names of the day and say, I'm from the White House.
I really need to understand your company and this issue.
So I want to meet with Bill Gates.
I want to meet with John Chambers.
And that worked.
Before 9-11, in the early months of the Bush administration, Bush 2,
it was pretty clear to me that they were not going to pay enough attention to al-Qaeda.
And I really didn't want to be left holding the bag.
And I also wanted there to be a full-time position worrying about cybersecurity.
So I think in June, before the September attacks,
I went to the National Security Advisor and said,
I want to move from the terrorism portfolio,
since you don't pay enough attention to it,
you're not doing what I recommend.
I want to work full-time on cybersecurity, and I want to create a new position to do that.
Eventually, it happened,
and we did
create the first cyber security policy position in the White House and it was well staffed. I had
quite a good staff and we wrote a national strategy for cyber security which I read the you know, 20 years on, it's still pretty good.
My job is one of being a consultant, but it's a consultant to a diverse group of things.
I try to work for corporate boards and corporate leadership to explain the importance of cybersecurity to them. And I tried to work
with CISOs to be their advocate and coach and validator. You know, when I started in cybersecurity
looking for that book, that would be the good introduction, it didn't exist. And when I started looking for university courses, they didn't exist.
And so I wrote the book.
And I got a lot of universities to start the courses.
I got a lot of federal money
to help universities start cyber programs.
So a lot of what I wanted to learn then,
one couldn't easily learn then
and can much more easily learn now.
Hey everybody, Dave here. Have you ever wondered where your personal information is lurking online?
Like many of you, I was concerned about my data being sold by data brokers.
So I decided to try Delete.me. I have to say, Delete.me is a game changer.
Within days of signing up, they started removing my personal information from hundreds of data brokers.
I finally have peace of mind knowing my data privacy is protected. Thank you. Now at a special discount for our listeners. Today, get 20% off your Delete Me plan when you go to joindeleteme.com slash n2k and use promo code n2k at checkout.
The only way to get 20% off is to go to joindeleteme.com slash n2k and enter code n2k at checkout.
That's joindeleteme.com slash n2k, code n2K at checkout. That's join delete me.com slash N2K code N2K.