When national cybersecurity czar Richard Clarke talks about the danger that cyberterrorists pose to the nation's computer systems, it's clear he believes a major attack is simply a matter of when. He warns of a "digital Pearl Harbor," in which an attack on one portion of the nation's IT infrastructure would have a domino effect on other systems, halting operations at hospitals, airports, and utilities. "Our enemies know our technology as well as we do, and our enemies will use our technology against us," he says. "Our enemies will find the fissures and the seams in our high-tech economy."

Clarke will need all his conviction and persistence to marshal the government, private businesses, and the IT industry behind a campaign to protect critical systems. Clarke, appointed in October by President Bush to the newly created post of special adviser to the president for cyberspace security, also is chairman of the President's Critical Infrastructure Protection Board. That position makes him the federal official most directly responsible for protecting not just IT systems and electronic networks such as telecommunications infrastructure and the Internet, but all essential utility systems, including energy, water, and transportation. He reports to Homeland Security Director Tom Ridge and National Security Adviser Condoleezza Rice.

Clarke, 50, is a government lifer who's moved through a number of defense and intelligence jobs. The thorniest part of his current position is convincing government officials and private companies that the threat posed by computer attacks is as big as he believes it is. Clarke considers it the government's job to discuss with IT vendors what they're doing to harden next-generation computer hardware and software systems and critical nationwide networks against electronic and physical attacks. "The problems they've seen to date aren't a good indicator of what they'll see in the future," Clarke says. "Rather than looking at the past, they need to look at the vulnerabilities."

Colleagues say Clarke's persistence will help him convince doubters of the pressing need to prepare for cyberattacks. "The thing about Dick is that once he gets the bit in his teeth, he doesn't let go easily," says Bob Kimmitt, executive VP of global and strategic policy at AOL Time Warner. As a National Security Council official, Kimmitt worked with Clarke in the late 1980s and early 1990s.

Clarke's determination and focus can come off as caustic or abrasive at times, yet he can't afford to ruffle too many feathers. How successful he'll be in preparing the country for cyberthreats will depend heavily on his powers of persuasion, since his office has only a half-dozen staffers and no regulatory authority of its own. Clarke must persuade others in government to carry out his office's policy recommendations, while also convincing private-sector companies to step up their own security efforts.

He doesn't think it's proper for the government to dictate exactly how the IT industry should respond to the threat of cyberterrorism. "The government is incapable of writing regulations to create IT security," he says. What it can do is increase awareness of the threat, research new security technologies, and assess how interdependent systems would respond in attack scenarios.

Clarke sees his key challenge as convincing policy makers and businesses that-in light of the Sept. 11 terrorist attacks-they've devoted too little money, time, and attention to cyberthreats. "We need to insist that the next generation of hardware and software systems have security built into their basic architecture," he says. "As long as we're a superpower, there will be people who will come after us."

close this window