• United States



Contributing Writer

Note to Washington: Read and react to Richard Clarke’s new Book, “Cyber War!”

Jun 03, 20103 mins
Cisco SystemsData and Information Security

Book is a must read for concerned citizens, security professionals and legislators -- as soon as possible

I recently finished Richard Clarke’s new book, “Cyber War,” and I have but two words for the former cyber czar — thank you. I’ve probably read as much about this subject as Washington insiders and in my opinion, Clarke’s book immediately leapfrogs numerous other overly technical or Washington wonky volumes. As such, it is a “must read” for security professionals, legislators, and business executives — especially in the 18 industries designated by Washington as “critical infrastructure.” Heck, anyone interested in cybersecurity should read this book to understand the current threat, possible cyber war scenarios, and where our tax dollars are and aren’t going.When reading this book get ready to self-translate several subculture languages including security technology, military acronyms, and Washingtonese. That said, Clarke does a great job explaining these terms in simple English and even includes a glossary to help newbies along. I can’t possibly provide a synopsis of Clarke’s book in a blog, but the primary take-aways are:1. Cyber warfare is common practice. The U.S. Military has launched its share of cyber operations as has China, Israel, North Korea, and Russia amongst others. Clarke’s is the only book I know of that describes all of these incidents.2. The U.S. is extremely vulnerable. Our offensive capabilities are strong but our defensive safeguards are way behind where they should be. In military terms, we are at an asymmetric disadvantage. For all of our military might, this could tip the scales against us.3. Washington is doing next to nothing. Every U.S. citizen should be very pissed off about this. We’ve spend billions of dollars and waved our hands around but we haven’t secured our networks or passed any serious legislation. We need real action, not lobbying and empty promises.4. There really is no organized plan. If we suffer a cyber attack, there is really no chain-of-command, protocol, or International agreement on what happens next. Yikes!To his credit, Clarke lays out a plan to get us started in the right direction. I don’t agree with all of his suggestions but they are certainly a good start.Whether we like to admit it or not, we all may wake up one day with the power cut off and the banking system in total disarray. Naysayers dismiss this threat but it has happened on a limited scale around the world and will happen in a much bigger way if the U.S. continues to manage cybersecurity with its head in the sand. To his credit, Clarke clearly articulates the threats, vulnerabilities and real risks we face in any type of sophisticated cyber warfare. He also balances his wake up call with some sound and cogent advice on what we should do. I suggest that anyone with an interest or stake in this topic read the book and join Dick Clarke to get the Federal government to listen and act as soon as possible. As someone who has been preaching this same message, I can tell you that it is a lonely crusade — we need all the help we can get. If this book doesn’t get you to write your Congressman, Senator, and President, nothing will.

Contributing Writer

Jon Oltsik is a distinguished analyst, fellow, and the founder of the ESG’s cybersecurity service. With over 35 years of technology industry experience, Jon is widely recognized as an expert in all aspects of cybersecurity and is often called upon to help customers understand a CISO's perspective and strategies. Jon focuses on areas such as cyber-risk management, security operations, and all things related to CISOs.

More from this author