National Security Entrepreneurs Create Cyber Insurance


At the Government Accountability Project (GAP), we began working with whistleblowers in the wake of Washington's Watergate scandal, an episode that showed what our public officials were capable of when left to their own devices. In the years since then, as the U.S. adopted sweeping privatization and deregulation policies, GAP has come to provide legal help to whistleblowers from both public agencies and private firms.

When the first whistleblowers from the National Security Agency (NSA) came forward -- before Edward Snowden -- they reported not only violations of privacy and the Constitution, but fraud. After all, NSA cyberspying, cyberattacking and cyberdefending are largely done by private companies which are, by the way, paid lavishly. We can't be sure exactly how lavishly, because although we're the people paying them, we have no right to know what we're paying for. It's the black budget; it's secret.

It's also expensive because cyberattacking and cyberdefending are still nascent skills and only a few experts know what they're worth. Those experts, it seems, tend to cycle from government agencies to private corporations, where they decide (pretty much unsupervised) how much they ought to be paid.

After doing a few years' time on the public payroll, national security czars are distinguishing themselves for their entrepreneurial ability to capitalize on what they learned in government. One man who joined the ranks of intelligence bureaucrats and then slipped through the revolving door between the public and private sectors is Tom Ridge, the first and former Secretary of Homeland Security. He joins a club that now includes:

  • Michael Chertoff -- Former Secretary of Homeland Security and now the principal of the Chertoff Group.
  • Michael Hayden -- Former Director of the Central Intelligence Agency, and now a principal in the Chertoff Group.
  • Keith Alexander -- Former Director of the National Security Agency and now the CEO of IronNet, his new cyerbsecurity firm.

So now, Tom Ridge. Ridge is about to cash in on the brand new, sparsely populated financial niche recently carved out by the cybersecurity alarmists who have whipped us all into a state of panic about cyberattacks. Ridge is launching Ridge Insurance Solutions in partnership with Lloyd's of London -- which, for a fee, will offer insurance to cover the damages caused by cyberattacks.

The Financial Times, reporting on Ridge's venture, observes that cyber-insurance is likely to be costly:

Insurers are cautious as they lack the extensive claims experience they have built up over several decades writing more established policies.

Heretofore, Ridge has been clever about exploiting his insider status and knowledge of government cybersecurity plans. He works in tandem with a former Obama appointee in the field:

Since he left office Mr. Ridge has taken a keen interest in cyber security. He founded the consultancy Ridge-Schmidt Cyber with Howard Schmidt, a former cyber security co-ordinator for President Barack Obama.

Schmidt was also a cyber-adviser to President George W. Bush. So in Ridge's previous venture, no matter which party controlled the Congress or the White House, the firm had secure connections right at the top.

This configuration of secrecy and political connections is ideal for cashing in. In a field with billions of dollars in public money, no oversight and a corner on the expertise, Ridge, like Chertoff, Hayden and Alexander, is well-positioned to convert government funds into private profit.

Forty years ago, we all learned about Deep Throat, who famously told Bob Woodward that if he wanted to understand the machinations of Watergate, the Nixon White House and the cronies who managed America, he should "Follow the Money."

That is still very good advice in Washington.


Bea Edwards is Executive & International Director of the Government Accountability Project, the nation's leading whistleblower protection organization. She is also the author of The Rise of the American Corporate Security State.