CYBR 650 - Blog Post 2

(Me having lunch with congressmen Tom Cole (left) and Mike Rogers (right))

                I was invited to participate in the Reagan National Defense Forum this past Saturday located at the Ronald Reagan Library in Simi Valley, Ca.  (10 miles from my house).  The forum brings together some of the most significant players and contributors in the world of national defense and security in the nation.  Being on the VIP guest list entitled me personal access to many of these individuals both in person as well as to sit in intimate panel discussions.  For those of us in national defense, it’s surreal to hang out at cocktail hour with 4-star generals, members of congress and chit-chat about everything from security policy to football.  In a single day, I personally saw or talked with include:

-          Dr. Mark Esper (Secretary of Defense)

-          Rob O’Neil (National Security Advisor)

-          Jim Mattis (former Secretary of Defense)

-          Jeff Bezos (Founder, CEO of Amazon.com)

-          Brad Smith (President, Microsoft)

-          Leon Panetta (former Director CIA, former Secretary of Defense)

-          Dana Deazey (DoD CIO)

-          Karl Rove (former deputy White House Chief of Staff, Bush 43)

-          ADM Paul Nakasone (Commander US CyberCOM)

-          ADM Michael Gilday (Chief of Naval Operations CNO)

-          Gen. David Goldfein (Chief of Staff, Air Force)

-          Gen David Berger (Commandant, US Marine Corps)

-          Gen James McConville (Chief of Staff, US Army)

-          Congress (Tammy Duckworth, Adam Smith, Mac Thornberry, Liz Cheney, 20 others)

                Promoted as a forum for national security, I’ve observed the panel discussions this year and last year starting with the topic of security, readiness, lethality and quickly meandering into cybersecurity and nation-state sponsored threats.  This was true for every forum.  Discussing national security at the highest levels now includes cybersecurity and the realization that the cyber threat is just as significant as potential kinetic warfare.  China, Russia, Iran and North Korea were popular topics by all the major players and all panels defaulted to discussing how the cyber threat affects the overall wellbeing and way of life for the United States.

                Sitting through 10 hours of panels, fireside chats and personal discussions with a few of these key individuals, it became apparent that the underlying topic for our national security is nation-state sponsored cyber threats.  Below I highlight some of the significant speakers and presentations.

                Lunch keynote speaker Secretary of Defense Dr. Mark Esper showed fluent knowledge and experience in security and highlighted many cyber-relevant situations which the National Defense Strategy supports defending against.  It was refreshing hearing his take on the NDS and emphasized that continuing resolutions (CRs) will negatively affect the military and encouraged congress (30 of which were in attendance) to pass the budget and help meet the goals set forth in the NDS. 

                Amazon founder and CEO Jeff Bezos had some memorable quotes and advice.

                “To earn trust – do hard things well, over and over and over again” This was in regards to things like stating they would do next day shipping with Amazon Prime, or offering AWS or video services.  It wasn’t easy, but he proved to others they were able to do it, and do it over again.  This builds trust in the brand and enterprise.   He also had advice on decisions indicating there were two types:

1.       Highly-consequential, irreversible, one-way decisions

2.       Normal decisions which can be reversed without dire consequences

Bezos mentioned that we use the hard decision-making process for situations such as #2 causing us to over-think and add too many people to the decision-making process when it’s not necessary.  Understand the situation, use critical thinking, keep the quorum small and make fast decisions if not irreversible and highly-consequential. 

                Mr. Bezos also discussed his ”disagree & commit” methodology which he encourages leaders to adopt as a way of progressing in the decision making process.  (see here:  https://www.inc.com/justin-bariso/it-took-jeff-bezos-only-three-words-to-drop-the-best-advice-youll-hear-today.html)  Also, he highlighted the importance of being robust and nimble which somewhat translates to resilience and agility in the form of program acquisition and decision making.

                I was very impressed with Ellen Lord, Under Secretary of Defense for Acquisition and Sustainment.  Unlike some high level officials, Secretary Lord is very familiar with new technologies and recent policy and while responsible for all DoD acquisition, encouraged the group to “fail small, fail fast and move forward”.  She said readiness and modernization should be hardware enabled and software defined and the laborious acquisition process the DoD is stifled by will need to be revamped to compete with our foreign advisories in the 21^st century.  She is also familiar with the Cybersecurity Maturity Model Certification (CMMC) and indicated that 1^st tier contractors (Lockheed, Northrup, GD, Boeing, etc) will need to help support lower tier contractors become compliant with this standard.  We should expect to see more news of it within by March 2020. 

                I had a chance to briefly chat with DoD CIO Dana Deazey and asked him if he noticed that all the panel discussions started off discussing high-level defense readiness and acquisition but ultimately included discussions about cybersecurity.  I asked him if perhaps the next Reagan National Defense Forum could include a panel specific to cyber threats and readiness in the DoD and he said, “that’s a good idea.  I’ll bring it up to them.”  Not sure if that was sincere or not, but since he said it was his first time at the NDF, I indicated this was the case for most of the panel discussions. 

                During the happy hour the night before, I had a chance to speak with General Mattis about how the cyber threat has increased since his time in the military.  He indicated how the DoD has been aware of cyber threats for a while, but only really seeing it posing a national security threat the past decade, and much more in the past few years.  He then reiterated that position later on in the day while discussing a variety of topics with Leon Panetta.  Both very wise.

                There was a panel discussion that filled the house – the Chief of staff of the Air Force and Army along with the Commandant of the Marine Corps and the Chief of Naval Operations held a panel to discuss national security and how each of the forces were supporting it.  All were fluent in how the cybersecurity threat is now a top tier concern for all these leaders and they indicated more support and direct involvement in making sure each service was baking cybersecurity into their acquisition, product line and culture. 

                National Security Adviser Rob O’Neil was also there, but his canned 15-minute speech was a partisan tribute to Donald Trump.  Many of the comments he made pushed republican agenda items and perpetuated the false narrative of a successful presidency, contradicting many of the positions previous speakers took.  Very disappointing and the snickering from the audience was very noticeable and his statement made many people uncomfortable. 

                Overall the 2019 RNDF was very successful and the folks at the Reagan Presidential Library did a fantastic job coordinating the speakers, the guests, security, food and refreshments and media.  I look forward to being there next year. 

Full videos of all panels can be located here:  https://www.youtube.com/playlist?list=PLHNOi2zcxo7tPPwgTEaF421osdMepdJKk