I recently finished Richard Clarke’s new book, Cyber War, and I have but two words for the former cyber czar: thank you.

I’ve probably read as much about this subject as Washington insiders and in my opinion, Clarke’s book immediately leapfrogs numerous other overly technical or Washington-wonky volumes. As such, it is a must read for security professionals, legislators, and business executives–especially in the 18 industries designated by Washington as “critical infrastructure.” Heck, anyone interested in cybersecurity should read this book to understand the current threats, possible cyber war scenarios, and where our tax dollars are and aren’t going.

When reading this book, get ready to self-translate several subculture languages including security technology, military acronyms, and Washingtonese. That said, Clarke does a great job explaining these terms in simple English and even includes a glossary to help newbies along.

I can’t possibly provide a synopsis of Clarke’s book in a blog, but the primary take-aways are:

1. Cyber warfare is common practice. The U.S. Military has launched its share of cyber operations, as have China, Israel, North Korea, and Russia, amongst others. Clarke’s is the only book I know of that describes all of these incidents.
2. The U.S. is extremely vulnerable. Our offensive capabilities are strong, but our defensive safeguards are way behind where they should be. In military terms, we are at an asymmetric disadvantage. For all of our military might, this could tip the scales against us.
3. Washington is doing next to nothing. Every U.S. citizen should be very pissed off about this. We’ve spent billions of dollars and waved our hands around, but we haven’t secured our networks or passed any serious legislation. We need real action, not lobbying and empty promises.
4. There really is no organized plan. If we suffer a cyber attack, there is really no chain-of-command, protocol, or international agreement on what happens next. Yikes!

Clarke lays out a plan to get us started in the right direction. I don’t agree with all of his suggestions, but they are certainly a good start.

Whether we like to admit it or not, we all may wake up one day with the power cut off and the banking system in total disarray. Naysayers dismiss this threat, but it has happened on a limited scale around the world and will happen in a much bigger way if the U.S. continues to manage cybersecurity with its head in the sand.

Clarke clearly articulates the threats, vulnerabilities, and real risks we face in any type of sophisticated cyber warfare. He also balances his wake up call with some sound and cogent advice on what we should do. I suggest that anyone with an interest or stake in this topic read the book and join Dick Clarke to get the federal government to listen and act as soon as possible. As someone who has been preaching this same message, I can tell you that it is a lonely crusade–we need all the help we can get.

Related posts:

1. Note to Washington: You Own the Information Security Communications Gap
2. “Must Read” Report on Cyber Warfare from McAfee
3. “The Illusion of Due Diligence”: Another Cybersecurity “Must Read”
4. Fatal System Error: A MUST read for IT professionals, legislators, and law enforcement
5. Cyber ShockWave Illustrates Why the Federal Government Must Lead the Cybersecurity Charge

Tags: Cyber War, Cybersecurity, Richard Clarke