The past few years there have been numerous senior U.S. government officials in the national security and cyber space depart for opportunities within the private sector. This is not surprising since prior to presidential elections there’s a mass exodus and numerous transitions. However, what is unique is that instead of joining government contractors, nearly all of them have chosen either large public companies, innovative privately held companies, or are consulting/advising these companies. By way of background, I have personally advised over 50 of these experts and have seen this trend firsthand.
Former defense, intelligence and national security senior officials who were charged with protecting our country’s secrets, classified networks and technical assets are in high demand. Corporate America is now facing many of the same threats and challenges; these battle-tested leaders possess the needed expertise, insight and best practices. They know the threats, adversaries, and weakness in our systems as well as anyone. They are now being recruited from industry (Fortune 1000 to PE-backed growth to VC-backed innovative companies). Expertise ranges from cyber defense, intelligence, attack, analysis, strategic planning, insider threat, corporate espionage, compliance and all aspects of security (physical, personnel and IT).
Bridging the gap
Whether defending from adversaries to include nation states, crime groups, extremists, and hackers, their unique understanding of the complex threat landscape, methods and capabilities used to combat these threats is now what corporate America needs. Their sense of patriotism and mission continues and will now help protect some of our country’s top brands and companies.
Since the critical infrastructure is primarily owned and operated by the private sector, our government can’t be expected to solve all the problems in keeping America safe. Industry must take the lead. We have seen the demand for these accomplished leaders skyrocket as forward-looking corporate CEOs and boards are turning to these former national security and cyber government officials to gain expertise, insight and address the growing need to combat a full spectrum of enterprise risks.
They include board members who chair newly formed risk/cyber committees, Chief Risk Officers (CROs), Chief Information Security Officers (CISOs), Chief Security Officers (CSOs) and Chief Data Officers (CDOs). Consultants and advisers are also being brought in for advice, a second opinion by getting a look from the outside-in. This is invaluable as companies should be able to withstand the toughest scrutiny, which usually is not from inside.
[ ALSO ON CSO: How cyber security pros transition to board level decision makers ]
According to Lt. Gen. Rhett Hernandez (Ret), who led Army Cyber Command and currently serves on a wide range of boards and advisory boards, highlights the importance of diversity on all teams and notes the ability of former senior government executives to add required diversity of thought, experience and leadership to corporations. “These leaders often have deep experience in managing risk, achieving outcomes, and in operating and defending large enterprises.”
Examples of former officials bolting for the private sector:
- Chris Inglis – former deputy director at NSA; joined board of directors at FedEx, Huntington Bancshares, Inc and KEYW Corp
- Al Tarasiuk – former CIO of the intelligence community and CIA; joined Deutsche Bank as CISO
- James Trainor – former Assistant Director of the Cyber Division at FBI; joined Aon Risk Solutions as senior vice president in its Cyber Solutions Group
- Bob Butler – former Deputy Assistant Secretary of Defense for Cyber; joined IO as Chief Security Officer; Director on the AKAL Security Group Board and senior adviser to the Chertoff Group
- Brian McCauley – former Deputy Assistant Director International Operations at FBI; joined Flynn Intel Group as Principal and Advisory Board for Brainwave Science
- Debora Plunkett – former director of the Information Assurance Directorate at NSA; recently transitioned and evaluating board and consulting offers
- Lt General Bennet Sacolick (Ret) – former Director of Strategic Planning at the National Counterterrorism Center and Director Force Management & Development at SOCOM; recently transitioned and evaluating board and consulting offers
Where is it going?
Cyber attacks will sadly grow in magnitude, complexity and frequency which will leave many companies even more vulnerable. Cybersecurity Ventures predicts global annual cybercrime costs will grow from $3 trillion in 2015 to $6 trillion annually by 2021, which includes damage and destruction of data, stolen money, lost productivity, theft of intellectual property, theft of personal and financial data, embezzlement, fraud, post-attack disruption to the normal course of business, forensic investigation, restoration and deletion of hacked data and systems, and reputational harm.
Maintaining public confidence in the private sector’s ability to protect intellectual property, business information, privacy, electronic financial transactions and critical infrastructure is vital to America’s economy and ultimately our way of life. We believe corporate security is today’s biggest talent management challenge and it needs to be given the highest priority and focus. And we believe that core skills and expertise gained from public sector leaders can be leveraged to inform private sector actions and strategies. In the end, only people can create strategy, policy, processes and implement the right technologies. The risk to preserving enterprise value is too high not to have an A-team to navigate the new landscape of threats.
This article is published as part of the IDG Contributor Network. Want to Join?