Richard Clarke: From presidential inspiration to cybersecurity policy pioneer. [Policy]
Richard Clarke: This is Dick Clarke, I'm the CEO of Good Harbor Security Risk Management.
Richard Clarke: I grew up at a time when John Kennedy was President and his call to ask not what your country can do for you, ask what you can do for your country, resonated a lot with me. And so I think from the very beginning, I wanted to to serve in government, to serve in the federal government. I remember going to the White House as a kid, standing outside and and saying to my father, I'm going to work there.
Richard Clarke: Well, when I got out of school, the Vietnam War was still raging, it was the number one issue that had dominated my life as a as an undergraduate. And I made a counterintuitive response to that. I decided I wanted to go work in the Pentagon. My reason for thinking that way was if only people who wanted to have wars, if they were the people who populated the Pentagon, then we would always have more wars. But if we had people who believed in alternatives to war, it might make a difference 20 years later. And so I put my sights on the Pentagon and I lucked out. I got a management trainee job management internship job in the office of the Secretary of Defense.
Richard Clarke: I got to the White House from the State Department. I've been the Assistant Secretary, so I went to the White House and a fairly high level in the Bush Administration. Almost from the beginning, I thought we were not paying enough attention to a new phenomenon that I smelled, I detected and some other people did, too. And that phenomenon turned out to have a name. And that name was Al-Qaeda. So I always kept Al-Qaeda under watch beginning oh probably in 1992. In 1997, they added to my portfolio this new thing called cybersecurity. And when they insisted I take it on as an additional responsibility, I tried to learn about it, try to get books on the subject. And they really were not any good books then that were an introduction to the topic. And so I used the fact that I was Special Assistant to the President to call up Microsoft and Cisco and Symantec and the big names of the day and say, I'm from the White House. I really need to understand your company in this issue. So I want to meet with Bill Gates. I want to meet with John Chambers. And that worked.
Richard Clarke: Before 9/11, in the early months of the Bush Administration, Bush II. It was pretty clear to me that they were not going to pay enough attention to Al-Qaeda and I really didn't want to be left holding the bag. And I also wanted there to be a full time position worrying about cybersecurity. So I think in June, before the September attacks, I went to the National Security Adviser and said, I want to move from the terrorism portfolio since you don't pay enough attention to it, and you're not doing what I recommend. I want to work full time on cybersecurity and I want to create a new position to do that. Eventually it happened and we did create the first cybersecurity policy position in the White House and it was well staffed. I had quite, quite a good staff and we wrote a national strategy for cybersecurity, which I read the other day. And, you know, 20 years on, it's still pretty good.
Richard Clarke: My job is one of being a consultant, but it's a consultant to a diverse group of things, I try to work for corporate boards and corporate leadership to explain the importance of cybersecurity to them. And I try to work with CISOs to be their advocate and coach and validator.
Richard Clarke: You know, when I started in cybersecurity looking for that book, that would be the good introduction, it didn't exist. And when I started looking for university courses, they didn't exist. And so I wrote the book and I got a lot of universities to start the courses. I got a lot of federal money to help universities start cyber programs. So a lot of what I wanted to learn then one couldn't easily learn then and can much more easily learn now.