Cybersecurity and Military Defense in an Increasingly Digital World

Posted on in Presentations

Cyberwar has forever changed overall warfare planning. New, innovative technology is impacting the battlefield, and pressure is on to get it into programs of record and warfighter’s hands more quickly, with assured security. Across the ecosystem, companies of all sizes—from startups to large enterprises—play an important role in working together in this new chapter of cyberwarfare, lest the adversaries succeed.

Video Transcript

   >> ANNOUNCER:  Please welcome panel moderator Vivian Schiller.


   >> VIVIAN SCHILLER:  All right. Okay. Good morning, everybody. We are so glad to have the early birds here today. If you are like me, you went to bed very late but also woke up at 3:30 in the morning because of jet lag. So, but that's what RSA is about.


   Anyway, my name is Vivian Schiller. I'm Executive Director of Aspen Digital. We’re a program of the Aspen Institute that focuses on all things at the intersection of media and tech, with a big focus on cybersecurity as well. And I'm absolutely delighted to be here for this session this morning.


   You know, it's – we're only halfway through RSA I guess, but if there is one very clear, consistent theme this year that I'm picking up, it is the accelerating speed and the dramatic impact of the technology advances over the last year, really over the last six months, and particularly as it relates to cybersecurity. I can think of no realm where the impact of that accelerating technology is as profound and frankly consequential as warfare.


   So, one of the – in this session, we're going to talk about the U.S. military and their ability to exploit new technologies at speed. Is that possible?


   And critically, how the U.S. military can defend itself from both the risks that AI provides adversaries. Is the U.S. military nimble enough? And where do startups and the larger incumbents play in the equation?


   So, we have two amazing panelists who are going to certainly educate me and educate all of us. Immediately to my left is John Chambers – I feel like I don't really need to introduce either of you but I'm going to anyway, so indulge me. The former – of course, the former Executive Chairman and CEO of Cisco, currently the founder and CEO of JC2 Ventures.


   John is deeply embedded in, of course, the tech and cybersecurity industry and has vast experience in defense as well. He is the recipient of the Outstanding Civil Service Medal by the U.S. Army, awarded by General Milley and France's National Defense Gold Medal. John was the first foreign business leader to receive that award in its thirty-five year history, so that’s incredible.


   And then of course, General Richard Clarke. Rich, United States Army four-star general who has long served, most recently as a 12th commander of the United States Special Operations Command until your retirement six months ago or so, right?


   Four decades of leading complex and diverse organizations at every level, including fifteen-plus years internationally and twelve-plus combat deployments to Iraq and Afghanistan. So, we have the right people here to talk about this topic.


   So, I want to begin by sort of setting the stage. We’re going to be sort of taking a lot about the present and the future but just to begin, I would like to look back. So, you have both been either in or adjacent to the military for many years. So, how in the last twenty years, how has technology changed, John, I will start with you, military defense, both in terms of threats and operational advantages? What would the you of twenty years ago have been surprised about today?


   >> JOHN CHAMBERS:  I think the role that technology and the digital world have been involved in every aspect of business and defense is probably the most fundamental change. By the way, Rich, thank you very much for your service to our country. It's an honor to be up here with you.


   We had the chance at Cisco to build the Internet and have about 80% of the nodes on the Internet. We took something – the technology, it was around 0’s and 1’s and we said it’s going to change the way you work, live, learn, and play. It will change every company, every country, every individual. And people said, wait a minute, you are way out there. We are about to see the same transition again with AI and cybersecurity, which we’ll get into in a moment. But it is the ability to really look back and take the snapshot.


   In preparing for this, I went back and I did a session with DISA on the yearly conferences in 2002. So, it was exactly twenty years ago. And at the session, we said it’s a connected virtual organization. Here is how warfare is going to change forever, defense is going to change. Here’s how it’s going to be, not just to the three basic areas but also in space and cyber. And we outlined how the military and the defense agencies had to change dramatically in an architectural approach to this where you could have your members or your warfighters everywhere, as well as data feeds everywhere.


   Then in 2011, we did a follow-up session to that almost a decade later and we talk literally about what was going to happen in this connected world where how you feed all the data into the sites, it allows you to make your mission decisions, et cetera, effectively in that environment. But how similar it was, Rich, to the enterprise environment as well.


   And then in 2016 at General Mark Milley's request for the Army, I had a chance to present really how this digital world was going to transform the Army and what had to be done with the environment. And a year later, he was nice enough to give me the award salute from the Chief of Staff.


   It shows you how I think the military has got the big picture on what has to change, but getting the various groups to work together is really, really hard.


   You think about it, whether you are in business or you’re in defense, your future, whether you survive, succeed, or fail, and we can't afford for the military to fail, is dependent upon getting the major market transitions, the business transitions, the defense transitions right enabled by a new technology. That’s when the new companies are always formed, the Google’s, the Cisco’s of the world, the Microsoft’s. But it’s also when new military powers either fall out of grace or come back as well.


   So, getting this transition right on how everything is going to change in this new digital AI enabled environment is so key for the future of our country. And I think our survival depends upon it.


   Then you’ve got to say, how do you take organizations that by nature have a tendency to want to do the right thing ongoing? True of our military and the same thing true of our business, and that is a recipe for disaster.


   You have to develop a culture of sense of urgency, disrupt or get disrupted, or you get left behind in terms of the direction as we move forward.


   So, when we think about our conversation today, what has changed is speed. We talked in Internet years, in the 1990’s early, it was about three times faster in Internet years than it occurred before, but you saw great companies like Nortel and Lucent and Alcatel and Siemens and many others that were on top fall from grace in as quickly as three to five years.


   Then you had the era of the cloud. You saw the same transitions with the turnover in leadership within cloud and in Amazon emerging and Google emerging within it. I think you are going to see the exact same transition occur with artificial intelligence and with cyber.


   What surprised me, what took us so long in AI? Six years ago, I placed my bets on AI and picked out the companies. Here’s where we’re going to go. For me, it was obvious. It was the Internet. Next major transition, the cloud and cloud to the edge, and then it was going to be AI.


   And all of a sudden, people said yeah, I get it intellectually, but only in the last six months did people suddenly say I am going to really move here. I think it will be bigger than the Internet and bigger than the cloud combined in every aspect of defense, business, et cetera, on it.


   And underlining this connected virtual world is going to be cybersecurity. You must lead in these two areas. Our economic success of our country depends upon this and our defense depends upon it. So, what's surprised? It took – why did it take so long, and then once it took off, it really is here and now. And then secondly we need to a policy for how we are going to address these issues which I am not normally a believer in. But it has to be coordinated between defense, open standards, et cetera on it.


   >> VIVIAN SCHILLER:  Quick follow-up before I go to Rich. So, twenty years ago you gave a speech in which you talked about the future, if I understand you correctly.


   >> JOHN CHAMBERS:  Yes.


   >> VIVIAN SCHILLER:  So, in that speech, what did you get right and what did you get wrong?


   >> JOHN CHAMBERS:  It was actually scary. I know the slides are old fashioned, but if you put up the slide today, it would be something that you could almost use today in today's terms, just with different vernacular on it. It speaks that we just haven't moved fast enough as a country.


   You have got to be able, for any warfighter, to be able to see any data point anywhere in the world with collaboration and security built into it that allows them to make the decisions. You have got to empower organizations and be able to take your most valuable tool that you have and human productivity, which is what? Your mobile phone. You have it there in your hand. It is the most powerful tool you have, yet our warfighter can't even take it into action. And so, we have got to think about how we do these types of standards and the direction. And it takes architecture with the government and the military and startups working together with the defense contractors, which we naturally don't do as well as we should.


   So, I’d give us good marks versus everybody else but not good marks versus what we have to do.


   >> VIVIAN SCHILLER:  Rich, same question. You have seen a lot in the last twenty years. What surprised you most?


   >> RICHARD CLARKE:  No, thanks, Vivian. Thanks for hosting, moderating, and honestly, thanks to John, you know, for inviting me to be on stage with him. I'm honored with this great patriot and fellow West Virginian.


   >> JOHN CHAMBERS:  Go Mountaineers.


   >> RICHARD CLARKE:  That we’re here together.


   >> VIVIAN SCHILLER:  Oh, we got two.


   >> RICHARD CLARKE:  We got three – maybe two or three claps in the audience.


   But I’ll tell the story. 1991, I'm a young officer so I'm going back thirty years, a little bit further than the time period that Vivian gave us.


   I'm in Desert Shield, Desert Storm. Everybody remember those days. And I would tell you, it was the technology that showed the U.S. competitive edge, from the chips that were developed here in Silicon Valley that allowed for the lethality and the accuracy back then that really showed what – we were fighting against the fifth largest army in the world. Estimates were we would have 100,000 casualties during that war and that we could be there for years. It was really technology that gave the U.S. a decisive advantage at that point in time. And that was using really the microchips, the GPS, the space. I mean, I was handed – I was in a unit of 18,000 people. I was handed a GPS device that was this big. Okay? Literally this big.


   >> JOHN CHAMBERS:  Was it a Cisco router, too?


   >> RICHARD CLARKE:  No. But it weighed about twenty pounds but we thought it was gold because in the middle of the desert you can’t tell where you are. And think, I have more compute power and accuracy in my watch today.


   But what did that do? And John talked about speed. Our adversaries learned from that. They studied what took place there. And there are two things that I think – two broad things that our adversaries picked up. One is don't go toe to toe at this point in time with the U.S. So, you know, you can have nineteen terrorists board U.S. planes and think broadly with boxcutters and attack us on 9/11. That's one – that’s an asymmetric approach to come at the U.S.


   But then our other adversaries, and think the big countries, developed their own technologies and really looked at where do we need to go to be able to compete with the United States in the future?


   And so, while we were really focused on counterterrorism for the last twenty years, our adversaries were looking at what do we need and using those technologies, playing with missiles and drones and hyper sonics and weaponizing space were the type of approach they went.


   So, I had the opportunity to go to China and watch the Chinese military do some exercises and I was astounded at how close that they had come. And they had come so close because they copied us. They’d stolen from us. They’d taken our research and development, which is a large part of this. And now in some cases, they've actually leapt ahead of us in certain technologies. I think we’re just going to have to look at the speed of which we come in and actually either catch up with where they are on things like hyper sonics or actually leap ahead. And I think that's the type of thing we're going to have to do. But it is the speed that John referenced is going to go directly to the technology sector.


   >> VIVIAN SCHILLER:  Okay. So, let me stick with you, Rich, and let’s root ourselves now in the present day. So, the domains of war, of course, have expanded from, you know, air, sea, and land to now five, adding space and cyberspace. That's a lot of priorities. Obviously, those all intersect but they are all connected.


   So, let's use the example of what's happening now in Ukraine to illustrate how those five domains intersect. How is that playing out?


   >> RICHARD CLARKE:  Vivian, this is really important. Just, cyberspace and space really became important in the last twenty years. We didn't even have a U.S. cyber command until 2010. We didn't recognize cyber as a warfighting domain until 2004. Space, we recognized but we didn’t stand up the Space Force until three-plus years ago. Think about how we have structured ourselves. And I will tell, you we – there will not be another major war won without cyber and space as being a component to the air, land, and sea. Those are absolutely essential.


   And so, Ukraine provides a tremendous example about those two domains that I think are worth highlighting for the audience. Start with space. When I was fighting the wars in Afghanistan and Iraq, I would get all kinds of imagery from satellites that was phenomenal. It was all marked top secret or secret and I couldn't share it with our allies and partners unless I got it declassified. And usually when it got declassified, it looked like a grainy, fuzzy image. It was terrible. It wasn't worth the paper that we printed off to share with them.


   You look at what has changed with commercial satellite companies, the one thing that we are sharing with them is satellite imagery. Why can we share it with them now? It is because it’s not U.S. military or U.S. government satellites that are providing that, it’s commercial. And it’s not classified. And we can use that with other technologies to help our partners. And so, that's a great example of private-public partnering because we give it directly to the Ukrainians.


   But then we also work directly with the Ukrainians, with apps in the cyber domain to help them defend their systems, but we also help them use the capabilities that the Ukrainians have to actually help them speed up targeting and to actually identify where Russians are located. Just think about this in the cyber domain.


   Why have there been almost a dozen Russian generals killed? They hang out at command posts. We are able to see where they are using both cyber and space and imagery and get that to the Ukrainians. We’re not targeting Russian generals, or the Ukrainians aren’t. They are targeting the command posts where the generals hang out. But that's all enabled. And the reason the Ukrainians are so fast is because we have enabled them through cyber and space as partners to do that.


   The last thing – the last point I will bring out on this is John's point on that powerful device that you have in your pockets, that cell phone. Think, everybody who has a cell phone in Ukraine can be a part of a resistance network and can help in the fight. Take a picture. Tag it. That's where the Russians are. I have just become an assistant to help target Russians. But the other piece in the cell phone that can be used is that cell phone can also capture atrocities. It can capture what the Russians are actually doing on the ground and highlight that because the war today is going to also be won in the information space and tell what is going on in the war for broader audiences to see.


   >> VIVIAN SCHILLER:  But the cell phones are also a vulnerability?


   >> RICHARD CLARKE:  Cell phones are a vulnerability, but if used right with the right – what we would call tactics, techniques, and procedures, you can actually do that. You can obfuscate those but you can also get it quick and then move on.


   >> JOHN CHAMBERS:  This is the example. We knew this was going to be a requirement back in 2002 and 2011. It took us a decade to get to the point now where you have products that can take a Samsung phone or an Apple phone, put it into a platform, be able to shield that, be able to take into a SCIF, in terms of the capabilities.


   >> RICHARD CLARKE:  A SCIF is a secure facility. Only secret and top secret stuff can go in there.


   >> JOHN CHAMBERS:  So, it goes all the way to the extreme on it but it also means that the warfighter can take that with him or her and be able to communicate with their family in the right ways at the right time. And you can actually make them invisible as well. But yet we've had that technology now for four years and we are having fits getting it through the red tape involved even though everybody wants it. So, this goes back to we have got to speed up the basics and make it work quicker.


   Now, to your question on the Ukraine, one of the things that I have watched that have been amazing – I'm a startup guy now. Again, at Cisco, I acquired 180 companies, but I love to build and scale companies. How many people in the room are startups? Just for a quick feel?


   Okay. How many people involved with government in the room? Gotcha.


   So, John Hennessy, the prior president of Stanford, said it best. In Silicon Valley, this is when we were at our height probably a decade ago. 80% of the new innovation comes within twenty-five miles of Stanford out of Silicon Valley startups.


   And that doesn't mean that the military isn’t great, large companies aren’t great. It does mean that if you are going to do this, you have got to tie to startups to be able to do leading edge stuff.


   And so, when you think about the startups working with the military, working with the defense contractors, working with their peers, government for legitimate needs of privacy, et cetera, it is what the Ukrainians have done remarkably well. The startups there, we have a startup called Dedrone but they have well over a hundred sites in the Ukraine that basically see the drones. And you grew up in a generation where you look flat and down. You now have to look up. And it's the ability to identify the drones, spot them, determine where they are coming from, what’s the pattern, et cetera.


   And for each of us that say, well, that's just in a military or security environment, I have one of these units on my house now and that is surrounded by two park areas, no fly zones. On Sunday alone, I had twenty-one drones come over my house that I never saw.


   And so, it is the ability to be able to apply this. And this is what I think startups have to do. They have to be good in their commercial application of technology and in their government application. It gives them a higher probability to sustain.


   Now, what did the Ukrainians do? They took it a whole different step. They basically had their own startups work on drone capability. They used technologies available. They gathered the data. And this is about empowerment and entrepreneurship. It’s that mix of startups and others that really makes it go. And it’s how you do this in a build by partner type of mentality with the large companies and smaller companies, where a lot of the ideas will come from the incumbents and the large established, but then you complement it with the startups and you partner within it. It is an art as opposed to science.


   >> RICHARD CLARKE:  John, just one other point. It was a lot of U.S. military and our allies working very closely with the Ukrainians that enabled some of those tech startups, some of the satellite companies to actually support the Ukrainians directly, and that’s a really important point.  


   >> VIVIAN SCHILLER:  I want to move now to cybersecurity vulnerabilities in two categories, and John, I will start with you. The massive vulnerability that – and the cybersecurity of the devices that we're using in the field, and how do we make sure those connections are secure, the technology is secure from a cyber perspective? And then I want to talk about not just the devices and the equipment but the people. All of a sudden, every single service man and woman is a point of cybersecurity vulnerability through a phishing attack or what have you. So maybe let's start with the systems and then maybe we can talk about the people.


   >> JOHN CHAMBERS:  Yeah, and if Rich and I always agree, that would be a little bit boring. I don’t know if we’ll agree on this one or not but I think this is how you learn is you kind of talk through it.


   The number one issue on cybersecurity vulnerabilities is human error. And we have seen examples of that. It is when people don't follow procedures but we probably didn’t do a good job of training them on the procedures and people did not understand the implications of it.


   The other issue on a cybersecurity, you cannot take an infrastructure that's thirty years old, power grids, military architecture, a device, and then overlay it with software security. It's too late. You have to build an architecture here to go after the whole thing and the pieces have to tie together, because the bad guys, the hackers, the organized crime, the rogue nation-states, et cetera, they will probe everything and find your weakest point.


   >> VIVIAN SCHILLER:  And how are we doing?


   >> JOHN CHAMBERS:  And when you have 40 billion devices coming in, you have to have an architecture here, and this is where I think government and business has to work closely together for the legitimate needs on how do we do it architecturally.


   You also have to realize that our existing infrastructure will never be secure. You can't go with the current architecture on the electrical grid, the supply chain, and think you are secure. It is fatally flawed. We are putting Band-Aids on it to get us through this. But you have to design the two to work together from the beginning in terms of an architectural approach for it.


   And then you can go all the way down to deep fakes or anything else you would like to talk about. How do you interpret those?


   But my key takeaway, got to be in architecture. And you’re going to say, wait a minute, John. Rich, that’s on the table. Watch what Modi did in India as an example. And by the way, I think India is the most strategic partner the U.S. has in the world, on everything from economic, to joint benefits to the citizens, to dealing with issues such as COVID, but also from the military perspective.


   And Modi, in a period of only six years, took a nation that was a very slow follower, dramatically slower growth than other players such as China, et cetera, with a very mixed economic power for their people, and in six years turned it into the most vibrant economy in the world. They will grow between 6% to 10% over the next decade, maybe for two.


   They went with a digital India first, a digital India. They ran their election on this and said here is how a digital country can change the benefit for every person in the country. Startups, all twenty-eight states, here’s what makes a difference. They formed a great relationship with the U.S. I’m Chairman of the U.S. India Strategic Partnership Forum. And they understood the benefits that both sides can have. And we don't always agree but we have a healthy give and take in terms of the direction.


   So, can we do this? The answer is absolutely yes.


   >> VIVIAN SCHILLER:  Are we doing it?


   >> JOHN CHAMBERS:  No. And this is the sense of urgency.


   >> VIVIAN SCHILLER:  That was a layup.


   >> JOHN CHAMBERS:  The urgency is what has to change. That is one of the reasons that Rich and I are here today, Vivian, is to remind all us, this is not something – there is no guarantee. There is no entitlement. Either you move or you get disrupted and you get left behind.


   >> RICHARD CLARKE:  Vivian, two quick points, and John is spot on. For the military, and looking for government, when it comes to cybersecurity, we can't protect everything. If you try to protect everything, you protect nothing. That is basic principle. But you’ve got to prioritize. And you’ve got to envision what is possible.


   So, first, I mean, I start to think of a world of where would our adversary hit us that could have the most impact. And you know, we – you know, twenty years ago, I never would have thought that a plane was vulnerable where it could be brought down by a cyberattack. I’m flying Delta – you know, I flew – flew, got my free Wi-Fi on the way over here but I also think, how many points of presence, of vulnerability exist on that plane where someone could hack into?


   We're going to have to think about our major weapons systems across the board and go, hey, I could bring down an F16 squadron not with missiles. I could bring it down with cyber. So, how am I going to protect that in the future? So, that's one. Planes, trains, tanks, ships, and those are the things that we're going to have to protect from cyber vulnerabilities, not just from a direct fire attack.


   But the second point, the human aspect of this, it's leadership. It's leadership. Has to weigh in. And you know, we could talk about our airman and his leaks. My piece would be, okay, he did it for a certain reason. Okay.


   >> VIVIAN SCHILLER:  To impress his teenage friends.


   >> RICHARD CLARKE:  Teenage friends, whatever, was his underlying motivation to that. But where is his first line supervisor? Where is his leadership in this who, if they knew about it and didn't stop it, they’re wrong, but truthfully, at this point in time, if somebody is doing this for a year – and there’s a lot of protocols that are in place that could have prevented secret documents from leaving, what John just called a SCIF, copying those and getting them out. Someone should have noticed and someone should have stopped that in its tracks.


   >> VIVIAN SCHILLER:  But that wasn't even a cyber-attack. That was just –  


   >> RICHARD CLARKE:  It’s cyber. But also, I think we have to have things inside the U.S. government that wouldn't take a year to detect things. And that's why I think AI and machine learning should be able to – we could use that to our benefit to identify when something is leaking out. So, I think there is a lot of things here that could have been done differently.


   >> JOHN CHAMBERS:  We are in complete agreement there but I don't want to leave the audience with any false sense of security here. You have to be able to see when a problem develops in milliseconds and block it and recover.


   So, this requires an approach to the market that watches for abnormal behavior, the software, people that are in locations they shouldn't have been, the balance. Because you want to be able to share information because the information was there to prevent many of the attacks in the past and the future. So, if you don't share the information, you keep everybody in silos, people die and get left behind, businesses get left, et cetera.


   But we have to go with a whole different sense of urgency of how quick this has to occur and it can't be fifty great cybersecurity products that were not designed to work together, no common standards, and the ability to do it. So, this goes back to the architecture type of approach but it has to be almost instantaneous. It gets blocked before any damage is done, or you see what your issues are, somebody was where they shouldn’t have been and got the data. You have to educate people because very often the people don't understand the implications of stupid things they do in terms of the balance. So, it is that urgency that we’re missing on multiple fronts.


   >> VIVIAN SCHILLER:  By the way, I don't think you need to worry about leaving this audience with a false sense of security. Nothing you have said has given anybody a sense of false security.


   Speaking of, just to pursue that line, Rich, I want to just read a quote from the recent U.S. threat assessment. And this was related to the potential of a conflict, a military conflict between China and Taiwan. So, I'm just going to read this quickly. It says, again, this is the – released as a public document. U.S. threat assessment.


   >> JOHN CHAMBERS:  I want to be sure. You are asking Rich that, right?


   >> VIVIAN SCHILLER:  Sorry?


   >> JOHN CHAMBERS:  Okay, good.


   >> VIVIAN SCHILLER:  Is Beijing feared that a –


   >> JOHN CHAMBERS:  I’m right behind you.


   >> RICHARD CLARKE:  Thank you. You got my back.


   >> VIVIAN SCHILLER:  Yeah. If Beijing feared that a major conflict with the United States was imminent, it almost certainly would consider undertaking aggressive cyber operations against U.S. homeland critical infrastructure and military assets worldwide.


   Such a strike would be designed to deter U.S. military action by impeding U.S. decision-making, inducing societal panic, and interfering with the deployment of U.S. forces. China almost certainly is capable of launching cyber-attacks that could disrupt critical infrastructure services within the United States, including oil and gas pipelines and rail systems.


   So, that's a pretty eye watering statement.


   >> RICHARD CLARKE:  Vivian, as I look at this, one, I agree with the premise there across the board. But I think for this audience, when I first came into the military thirty – thirty-nine years ago almost, the homeland was a sanctuary. We're blessed with oceans on both sides and somewhat friendly neighbors to our north and south. The homeland was a sanctuary.


   It is no longer. And as I talked about earlier, you know, space and cyber play directly in that but there is also – talk about development of missiles and things that could actually strike the U.S. and attacks that could take place. It is really important for us as a consideration.


   I'm going to use the balloon for one minute to talk about this. Everyone knows what the balloon is?




   >> RICHARD CLARKE:  I don't need to get a show of hands. But that was the physical manifestation of someone violating our air space. We could see it and it stood out at us. And truthfully, threat, no threat, you can debate that. But it was collecting on critical U.S. infrastructure and those signals were passed back to the Chinese. Okay. That's – that's been reported widely.


   But take this picture. What if we showed and took a red balloon, say 100 by 100 red balloon and tethered it above every single point of presence where the Chinese have already put a worm or a device or something that they could attack, and put that red balloon at that point of presence, so you could visualize it in real-time.


   I think we'd see red balloons popping up in the exact places that Vivian just talked about. We would see it above critical infrastructure. We see it in our banking. We see it in Wall Street. We’d see it in – we’d probably see it in some major corporations that they felt that they could impact.


   So we'd see – I think we’d see hundreds if not tens of thousands of red balloons in places that were vulnerable, in places that they could attack. Now the question is what should we do about it?


   I think this goes back to basic deterrence. And the type of things we should do. We’ve got to signal to the Chinese that one, don't do this or the cost, the punishment to you would be so high.


   And then John, this is probably to you, is we have to set up our own defensive infrastructure to be resilient and resistant in our networks so that if they try to attack, we can actually thwart it. We can’t protect everything, as we talked about, but I think we really have to look at how can we – how can we provide denial of benefits from them trying to attack.


   >> JOHN CHAMBERS:  So, breaking the comments into two categories, and I will use an example, if you really look at our vulnerability, electrical grid is clearly one of them in a very big way and supply chain is another one. In the supply chain world, you are still communicating with spreadsheets and emails, which is scary without alternatives.


   And that is set up for new major technology players because you don't stay on top for thirty years very often. And so, the incumbents either have to readmit themselves, there are going to be new startups that displace them.


   So, you can take a startup, an example of one that I have a personal interest, Cloudleaf, and they do 60% of the distribution of supply chain of vaccines in the U.S., but they designed it for the future with AI capabilities and time and temperate and movement and the unique approach and simplicity built in. And then they give you alternatives off of your decision as to make happen.


   Or an energy concept. The energy grid is going to follow, in my opinion, the same thing that cloud did. Starts in a central, all tied together. Then it’s going to move to the edge, with independence and security at the edge, different capability in terms of very low emissions, movement to hydrogen, et cetera. A Bloom Energy, as an example, can suddenly play there overall.


   So, as an investor, why am I investing in cybersecurity? Because it is about the most secure place to be investing for the future. Pardon the pun on that. Companies are growing between 40% and 300% in this category.


   So, it is something we have got to get our act together on and think about how do we really drive it through. But you are also going to have every major infrastructure capability have to think security at the same time they think about what does their product do.


   The CEOs will probably, within three to four years, be measured, regardless of their company, by your cybersecurity performance and how well positioned you are. The Board of Directors are going to be held liable for decisions on cybersecurity and understanding it. So, making that happen.


   Now, we have been a little bit – not pessimistic but conservative. I have known China for forty-some years. I was with Wang Laboratories. Dr. An Wang, the most brilliant man I’ve ever met in my life, bar none, he invented magnetic core memory walking across the Harvard quad, 0s and 1s on it. And he taught me about China and I ran that part of the world for Dr. Wang, first non-Chinese ever to do it.


   It’s in the U.S. and China's best interest long-term to work together. The friction we’re in now is not only dangerous, it is nonconstructive and it is a no-win. So, I believe over time, logic will get us there. It’s just that logic both sides have to be able to hold each other accountable and be able to show that that's not a win for either side.


   So, over time, I think you will see our countries get back to together. Whether that's a five year or a twenty year venture, I do not know, but that should be our overriding objective always.


   >> VIVIAN SCHILLER:  Do you think the threat assessment is overstated? That would be a declaration of war, effectively.


   >> JOHN CHAMBERS:  Two questions. You moved it on me.


   >> VIVIAN SCHILLER:  Sorry.


   >> JOHN CHAMBERS:  Basically, you’ve got to realize where the threats are and you have to do scenario planning. You do that in business, you do it in the military. That's just things we all have to do and it would be irresponsible not to.


   And you have to be realistic on the strengths and limitations of your adversary, your competitor. Hopefully over time, somebody that you can work with in terms of a direction. And you only get there by being realistic where you are.


   Being very candid, the last time I looked at – you know, in very open documents from the Defense Department, when the Defense Department was ranking the twenty most important technology areas, where is the U.S. leadership in and where is China, I think China led in fifteen. So, we have to realize we have to get a balance and that's good for everyone for the balance. We have to make it happen.


   We've got to win the war on AI and we have got to win the war on cybersecurity. Those are two must-haves for our economic future. Would you agree, Rich?


   >> RICHARD CLARKE:  I would. The aspect from our adversary that I think cyber benefits them, and so does space, it is hard to see. It is hard to visualize. Like, I just gave the balloon aspect. But It is deniable and it’s hard to attribute. And I think until we start getting to the point where we talk about it more and actually point out the threats and who they are coming from and actually telling the American public that these were attacks and where they are coming from, I think we fall behind.


   >> VIVIAN SCHILLER:  So, you said we have to win in cyber. We have to win – or be on top, sorry, for cyber and for AI, I guess, effectively win.


   But I'm just harkening back to something you said earlier which is, you know, the issue of speed. And we're not there yet. The U.S. military is not, at this moment, able to take full advantage to be – to move as quickly as it needs to.


   So, what is the answer there and how does partnerships with the startups – you’re in the startup world – but also the incumbent big technology companies, one of which you of course led, how do those play together to increase that speed and make the U.S. military more nimble?


   >> JOHN CHAMBERS:  I think it starts with you’ve got to have the vision of where the future is going to be. And I think if we took time to outline the vision, we would actually be pretty much in agreement.


   And you have no choice but to innovate with the existing organizations, the large military, the defense contractors, the business, the infrastructure players. You have got to partner with startups because that's where the creativity is going to come from. If you look at jobs across the U.S. or jobs across Asia or Europe, almost all new incremental total jobs will come out of startups and startups getting bigger. So, that's going to be your job engine for it, but it’s where your innovation is going.


   One of my startups, ASAP, got the entire MIT graduating class of PhDs a couple of years ago, all four of them, on AI. And the graduates are going to where the startups are, the creativity. So we have got to learn to work together.


   And then it comes to what Rich said very articulately earlier is that it is about leadership. It is about leadership of our country. It is about leadership of the military. It’s about leadership for others. And learning to work together toward a common vision of where we're going.


   >> RICHARD CLARKE:  Yeah. When I was commander of U.S. Special Operations Command, almost every quarter, I would go to Austin, Boston, and come here to Silicon Valley. And it's what allowed me to become familiar with the venture capital world. And literally, I would sit around the table with five, six small companies and do speed dating. And the – one of the VC partners would bring in companies that he thought I was interested in, that would help with our national defense.


   And so, defense has got a role to play in this. We have to become involved and know what's out there. And also send the right demand signals of what we need for future conflict. And John nailed it earlier, talking about cybersecurity and AI, but help that, those companies, by making sure they understand what the requirements are. That's why, you know, I'm – I came back to Silicon Valley in retirement because I think it is so important to help reduce that time. A venture capital company only has a few years of runway sometimes.


   >> JOHN CHAMBERS:  At best four.


   >> RICHARD CLARKE:  And so, how do we – and usually, inside the Department of Defense, it is a much longer time period. We have to look at how we reduce those time periods because the department heretofore really focused on hardware, ships, planes, tanks. When I was in Special Operations Command, I had program executive officers that were focused on hardware. I said look, we got to have our own Program Executive Officer for Software. And that is the way the department has to think is we’ve really got to go to who is doing this for the department and for the different services in both – in software, just as much if not more so than the hardware.


   >> VIVIAN SCHILLER:  Go ahead.


   >> JOHN CHAMBERS:  If I may.


   >> VIVIAN SCHILLER:  Please.


   >> JOHN CHAMBERS:  It’s like selling to enterprise customers. You find out who are the risk takers in enterprise customers, who are the forward thinkers, who will happen to JPMorgan Chase, Jamie Dimon, their IT department takes risks. You can count on it in terms of occurring.


   Rich is being very modest. His group within the military was, in my opinion, the most creative, with being open to new startups and new ideas because they had to be. And secondly, he had the courage and you were empowered to make decisions that some of your counterparts don’t.


   Now, two questions. First the compliment and then you know with any compliment, there’s a tough question, which is how do we get that across the rest of the military with an architectural approach? First, why did you do it? And secondly, what do we need to do to replicate it?


   >> RICHARD CLARKE:  I did it because it was necessary. To get the tools that our warfighters needed in really some of the – and we're fighting wars in Iraq and Afghanistan but we’re also a globally deployed force that's in places all over the Asia Pacific. So, we had to. We’ve got to innovate and we’ve got to innovate for those future threats is how we looked at this.


   For the rest of the department, it's not just the Department of Defense. It is also Congress who has got to play because we build ships in districts. It's hard to point and say we build software in districts. We have got to look at the stakeholders and really look at how we are going to adopt the Department of Defense.


   I think – and it is changing how the department looks at and provides and they are doing some – the department realizes we’ve got to do some things and they're coming up with some innovative ways of putting some seed money and teaming with venture capital. But I think it’s got to – as we talked about it upfront, it has got to be faster and the whole department has to get behind it.


   I'm really pleased that Secretary Austin just hired a new Head of Defense Innovation Unit out here. He’s a good friend of mine. But instead of making –


   >> JOHN CHAMBERS:  That’s a good organization, by the way.


   >> RICHARD CLARKE:  It’s a great organization. It was buried in the department. Now that person is a direct report to the secretary. And that's a big deal. And so, when we start doing things like that, it is going to speed this up.


   >> VIVIAN SCHILLER:  So, you think that the message is received that we need to be more nimble, need to move faster, need to embrace those partnerships, and set a strategic direction from the U.S. military – that's the U.S. military's role?


   >> RICHARD CLARKE:  No, I think so, but most importantly, Vivian, we’ve got to put our money where our mouth is. We actually have to dedicate dollars because without resources, you can have all the thoughts and ideas, you won’t have a strategy. So, you absolutely have to put the money against it and get programs in place.


   >> VIVIAN SCHILLER:  So, we only, unfortunately, have – this has gone way too fast. We only have a few minutes left. So, I want to ask you both as a final question, sort of in the beginning, I asked you what surprised you over the last twenty years, the impact of technology on the U.S. military.


   Let's now project forward twenty years. So, just like you gave that speech in 2002, so tell us. Make that prediction for the next twenty years and we will check back in in twenty years and see if you are right.


   >> JOHN CHAMBERS:  So, I think as a nation, we've become too complacent without the sense of urgency. And I think this is a sense of urgency we must lead in and have the courage to change.


   I'm an optimist by nature but I also know how good this nation and our friends are about doing innovation, and it will come off of technology, technology, technology.


   A simple case would be the deep fakes going on with voice where somebody can actually imitate somebody with a Southern accent that isn’t very good in English, and by listening to it, I think it’s me. And yet with technology today, you can determine the capability because in your speech, you have 8,000 samples per second in everything you speak. Five seconds, 40,000. Five minutes, you get it. So, technology will be able to say that not only was not Rich that we just heard or Vivian that we just heard. It was actually not even a human. It was engine generated and it will be able to identify the engine from which it came as a signature. Companies again need startup capability.


   So I think when we look at where the future is going, we need to have the courage to outline a broad vision. I think we need Democrats and Republicans working together toward that common vision. And the courage to make the changes and make it for doing the right thing on a global basis.


   The next twenty years, we control our destiny. I think we will come out in a very good position, but only if we have the courage to move, put our resources and money behind it. And we have got to dream again. We are losing the ability to dream. Twelve years of economic strength. We actually thought every one of my startups was perfect. Well.


   >> VIVIAN SCHILLER:  Amazing how that works.


   >> JOHN CHAMBERS:  As economic growth goes up, we have got to really have that sense of urgency and the balance in terms of where we go.


   But first I'm an optimist by nature but my ability to see around corners based upon data has been pretty good. I have a lot of other weaknesses. I think we come out of this in good shape but it requires courage to move and leaders taking ownership and putting the resources where they want to focus.


   >> VIVIAN SCHILLER:  Thank you. Rich?


   >> RICHARD CLARKE:  I will try to make two points. First, I think we have to adopt the technology to the future warfighting capabilities. And sometimes I think the military understands innovation but it is actually adopting to it. And where I see the future of this war, I agree with John with cyber and space, but I think we're really good at building lots of big – building a small amount of big systems. And think aircraft carriers. Think big ships. Think aircraft.


   I think the future of warfare is going to be autonomous, with smaller systems that are enabled by AI, of one person controlling twenty planes. And I'm going to go back a little bit to go forward a little bit.


   In World War I, we're getting the first tanks and we’re getting the first motorized vehicles. We still had the calvary with horses and sabers. What did the calvary officers say about motorized vehicles? We're going to use those motorized vehicles to get the horses to the front so then we can start the fight. Okay? I mean, that’s – we have to envision the future with this AI and with autonomy and think how are we going to fight with AI with swarms and autonomous ships and planes. And think small and dispersed across broad aspects of a war fight. And enabling small units that can – that can get the information at the edge and actually control those assets and work autonomously.


   And I think that's the future. We're going to have to think about this as opposed to thinking about putting one person in a plane. How about no people in the plane? We debate. How many people should be in a tank? Should be four with the driver, the gunner, the commander, and the loader. My answer would be it should be zero. That's the way we're going to have to think about warfare and developing ourselves into the future.


   But then the second thing, warfighting but related to it, and John has hit this well tonight, and it's going to be the truth. It's going to be how are we going to sense out what is true and what is not true.


   And you can already see the beginnings of it where our adversaries are trying to divide our country in social media. But just think what that could be with the deep fakes, what that could be in the future. And I think that John is spot on, that we’re going to have – the company that can figure out to make sure that others and everybody can see the truth. And it is not just about the U.S. and discovering the truth.


   It is going to be our allies, too. It’s going to – it could actually be make sure our adversaries know the truth because what if one – what if one of our adversaries wants to go against the U.S. with another adversary and getting someone else to attack and they give them a deep fake? Which causes an attack on us. And I think we're just going to have to think about how are we going to share information? How we are going to highlight those deep fakes? And I think the companies that can get to and figure out those deep fakes and be able to make sure we can share them, as we talked about the Ukraine example, it is going to make a difference. So, I think we're going to think about the truth and the information environment. Thanks.


   >> VIVIAN SCHILLER:  Thank you. Thank you both for that. I think there is too many great points that you both made for me to try to recap but I just want to pull one, one sort of profound thing that you said in your closing statement, which is with the example of let's use the tanks to get the horses to the front line.


   This is not just about the U.S. military. This is across every realm of society. When we think about AI, we need to stop thinking about AI in service of the way we do things now. But we need to think about an entirely different paradigm of how AI is going to impact every aspect of life and certainly for the U.S. military.


   This was absolutely fascinating stuff. Thank you so much, both of you. John, Rich, and thank you to the audience for your attention.


   >> JOHN CHAMBERS:  Vivian, thank you. Thank you, Rich.


   >> RICHARD CLARKE:  Thank you.


   >> VIVIAN SCHILLER:  Thank you. 

Vivian Schiller


Executive Director, Aspen Digital, Aspen Institute

General (Retired) Richard "Rich" Clarke


Retired Military General,

John Chambers


Founder & CEO, JC2 Ventures

Share With Your Community