Podcast with Dr. Kevin Harris, Program Director, Cybersecurity, Information Systems Security and Information Technology and
Lieutenant General Vincent Stewart, former Deputy Commander, United States Cyber Command; 20th Director of the Defense Intelligence Agency (DIA); U.S. Marine
Career transitions bring new challenges, opportunities, and perspectives. In this podcast recorded in 2020, Lieutenant General Vincent Stewart talks about his 38-year career in the U.S. Marine Corps and his leadership experience as the Deputy Commander United States Cyber Command and the 20th Director of the Defense Intelligence Agency (DIA). Learn how his military training and mindset helped him during his career transition to the private sector, why he advocates so strongly for businesses to hire military veterans, his dedication to lifelong learning, and his advice to others during a career transition.
Listen to the Episode:
Subscribe to Protect and Secure
Read the Transcript:
Leischen Kranick: Welcome to Protect and Secure. I’m your co-host Leischen Kranick. Today, I’m joined by my co-host and the Program Director of Cybersecurity at American Military University, Dr. Kevin Harris. Hi, Kevin. Great to be with you. How are you?
Dr. Kevin Harris: Thanks, Leischen, and I’m really excited to be here. We’re so honored to have such an outstanding guest today, Lieutenant General Vincent Stewart. Welcome, sir, and thank you for joining us today.
Lt. Gen. Vincent Stewart: Good morning, everyone. It’s great to be here. I’m looking forward to a lively and entertaining session.
Leischen Kranick: Thanks again for taking the time to share your expertise. Before we get started, I really just wanted to give our listeners some background about your impressive career. So, Lieutenant General Vincent Stewart served for more than 38 years in the US Marine Corps. He served as the Deputy Commander United States Cyber Command, one of the 11 combatant commands of the Department of Defense with military and civilian personnel stationed worldwide.
Prior to that assignment, he served as the 20th Director of the Defense Intelligence Agency, or the DIA, where he oversaw the global defense intelligence enterprise, which supported customers from the President of the United States to the troops deployed around the world.
He was the first Jamaican American and the first Marine to hold that position. Currently, he serves as the Chief Innovation and Business Intelligence Officer for Ankura, which is based in Washington, D.C.
We’re also very proud to note that Lieutenant General Vincent Stewart is a member of our university’s Board of Trustees, and that his leadership and career experience can help guide our university in providing outstanding and relevant academic programs. So, thank you again, sir, for joining us, and thank you for your decades of service to our country.
Lt. Gen. Vincent Stewart: Thanks for the great introduction. My mother would be proud, my mother-in-law would still be wondering when it’s going to be a success. So, we’ll keep working on it.
Dr. Kevin Harris: Well, part of that success that we heard about, and as your career, you’re the first Jamaican American to be the Director at the Defense Intelligence Agency, and served at some of the highest levels of US Marines, including delivering briefings to the President of the United States and other members of national security staff. Do you mind discussing that journey and how you first got interested in cybersecurity?
Lt. Gen. Vincent Stewart: Let me start this way, I’ve been asked a number of times if I had a book in me, and my response is generally, no, I don’t think anybody would be terribly interested. But I do have a couple of chapters. One of those chapters is the opportunity to brief President Trump shortly after he took office. That was quite an experience.
Let me back out from that before I get in trouble. I don’t know if everybody knows this story. Oftentimes, I get asked, “Hey, good morning, sir, how are you doing?” I’ll generally say, “I’m living the dream.”
I don’t believe anybody really understands how deep that response is. I came to America at age 13. We came here with nothing. My mother and father came a year ahead of us. We stayed with our grandparents in Jamaica for about a year, and then we came to America landing in New York first and then going on to Chicago.
We came to America with the idea that America was the land of opportunity, the place where dreams get fulfilled. At age 13, we landed, we got the first part of culture shock. Think about landing in New York in November going on to Chicago, from a tropical island to the wind coming off the lake in Lake Michigan.
But we had nothing. I don’t recall having luggage even. I believe we had what we had on our backs, at least as far as I can remember. We had no title. We had no great wealth set aside somewhere. We were just coming to America on the hope of America.
To then be able to go from the hope of America to a free education at Western Illinois University, the home of The Fighting Leathernecks. Many people don’t realize that the Western Illinois University actually owns the rights to The Fighting Leathernecks, it’s not the Marine Corps. I’ve been a leatherneck my entire life, my entire adult life.
I went to Western Illinois on a football scholarship and then decided to serve our country, my adopted country to give back. As a result, joined the Marine Corps with the intent of doing three or four years and then getting out of the Marine Corps and doing something special. I had no idea what was something special. But the Marine Corps turned out to be that something special.
I fell in love with the Marine Corps, I fell in love with the people, the Marines, the men and women who helped me to be so successful. The Marine Corps continued to challenge me, step by step, year by year, until I woke up one day and discovered that I’d been doing it for 38 years, and I probably ought to grow up and do something else.
Much of my career was spent in the intelligence community. I spent a good bit of time in the signals intelligence community, both doing the protection of our networks and exploiting other people’s networks, and I’ll leave it there.
That got me into the future. When I started in the SIGINT world, it was high frequency manual morse intercept. All of that translated over time, to networks built by men, built around routers and servers and switches. It was a natural progression into defending the modern network.
That’s how I got to cybersecurity and cyber operations, and I’ve been doing that really for about the last 10 or 12 years.
Dr. Kevin Harris: No, thank you. A lot of great info there. When you talk about some of the opportunity that you were afforded throughout your career, and just how that helped you, when we talk about the cyber field, what are some things that you think, in your opinion, can help make it attractive to diverse individuals of all types of backgrounds?
Lt. Gen. Vincent Stewart: Well, the reality is, regardless of whether we want to or not, we are all part of the attack surface. If you have a smart device, a watch, a phone, a refrigerator, a TV that’s connected to this future, this Internet of Things, this is the space for the future. All of our information, all the data that is important to us will ride along this network.
It is a multi-trillion dollar enterprise to build resilient networks, protect them and protect the data that resides in that network. Whether we want to or not, we are part of this. We may think we’re insignificant, and no one’s interested. If you have a bank account, someone’s interested. Someone who picks your pocket for $5 in your wallet, now can do this electronically, because I can touch your network.
If you have medical records that you want to keep private, someone is probably out there looking to see how they can exploit the things that are in your medical record. If you work for a corporation, someone is interested in that data that rides on this network.
The phrase was coined a few years ago, “data is the new oil.” I think that’s a great metaphor for the future. All of our data is interesting to someone. Whether it’s interested from a nation state standpoint, or from a criminal standpoint, someone is interested in that data. The folks who can take advantage of how we build networks, protect that data and make it resilient and recoverable will be incredibly valuable going forward. This is the 21st century.
Dr. Kevin Harris: When you talked about the medical records and IoT, it brought up our situation that we’re in now with our pandemic, with COVID. How is the threat landscape changed and been impacted with COVID-19?
Lt. Gen. Vincent Stewart: There are a couple of different things. One is, there’s now the competition for who solves the COVID problem. If I’m either a criminal or a nation state, I want to steal intellectual property that goes into this is the solution to the COVID-19 crisis, because now I can monetize it.
I don’t have to invest in research and development, I can go to those organizations, let’s pick Pfizer, who is doing some working in this vaccine space, and if I can get into their network, and take that intellectual property, and simply turn that from research and development into production on mass scale and distribution on mass scale, I get a decided advantage because I can steal that information, and I don’t have to commit any resources to research and development.
The second part now is we are now working in a dispersed way. In one example, I would have X number of people operating in a building. I could monitor their activity inside the building, I can build all the real firewalls around that one structure. Now, take, let’s make up this number, let’s say there are 1,000 people in this building, and now 1,000 people are working from 1,000 different locations, rather than just from one building. I’ll even simplify it, I’ll say not 1,000, there’s 500.
But regardless of the number, I’ll now increase my attack surface, I can now increase the vulnerability to the network because the network is as strong as the individual points on that network, it’s as strong as the weakest link.
If someone fails to do the right thing that we prescribe, go behind the virtual private network, make sure your malware detection and mitigation is up to date, make sure you’re using good strong passwords and maybe I have a way to monitor that, and maybe I don’t.
But the reality is I’ve increased the attack surface, I’ve made my entire enterprise more vulnerable because in most cases, the vulnerability to our network comes from an insider.
Not because an insider is malicious, but because an insider has poor cyber hygiene. What do I mean by poor cyber hygiene? We tell all of our folks, do not click on links that you don’t recognize, hover over the link, see where it’s coming from.
It seems, regardless of the amount of training an organization does, about 4% to 5% of folks still click on the link to the point where I’ve said, I could even put in the subject line, “do not click on this link,” and a percentage of folks will be interested enough that they will click on the link.
That’s just a simple link. That’s not even a socially engineered link, because now I can track the things that you’re interested in, and I can design a link that you will be interested in clicking on. You like fishing in Montana in April, I can send you something specifically tailored to fishing on X river in Montana in April, aren’t you interested, and I’ll get some people interested.
Dr. Kevin Harris: With that, assuming you got that wide threat landscape that’s changing that you talked about, what are some recommendations you have for cyber professionals that’s in the technology field to help combat that?
Lt. Gen. Vincent Stewart: It starts with education. The major breaches that I’ve looked at over the past several years, I am absolutely certain that those folks believe that they were doing all of the right things to prevent the major breach.
But if you’re not doing some fundamental things, you’re not updating your operating system regularly whenever it’s outdated. If you don’t have a malware detection and loss detection program, you’re putting, particularly the malware detection and mitigation program.
If your enterprise isn’t using strong passwords, it is stunning to me that month over month, year after year now, the most commonly used password is the word “password.”
Now, some people get clever, and they use a capital P, and they put 1234 on the back end. If I’m a brute-force hacker, guess where I’m going first? I’m going to those standard, poor, x password. Again, we made it as an industry really hard, we say you got to have 15 characters, uppercase, lowercase, a number, et cetera, et cetera, and it doesn’t have to be that complicated.
It has to be long, it has to be something other than “VinceStewartisagreatAmerican,” because folks will figure that out fairly quickly.
But if you can come up with a passphrase that is long, that is 15 characters, it is just as effective as uppercase, lowercase, numbers, and special characters, et cetera.
You’ve got to do at least three basic things; your operating system, your malware detection, your password.
I’m okay with a password program, because with a password program that generates a strong password, I only still have to remember one, the master password. I can even write the master password down at home because if you really want to get me, you got to come to my house, you got to break in, you got to find where I wrote my master password, and I’ll take my chances there.
You want to do multi-factor authentication whenever you can. So that if someone attempts to log in, you get a notification, you can make a determination of whether, “yeah, that was me” or “wait a minute, that’s not me.”
But we made it so difficult as industry and even in the private sector. I’ve got 37 different accounts, I got to remember 37 different passwords. Well, that’s almost impossible. Those are the big things, I think, and I think that came close to answering your question if it didn’t come back to me.
Dr. Kevin Harris: No, that was perfect. Actually, it led me into something else. You mentioned private things that users can do, the industry and all. Made me start thinking about collaboration with it not being just one area. When we talk about international collaboration in the cyber field, how important is that international collaboration?
Lt. Gen. Vincent Stewart: Yeah, it’s important at every level, quite frankly. How we do the right public private partnership where we can share insights, we can share threats, and we can do it at multiple classification level. That sometimes, is the biggest challenge.
The things that the intelligence community has that is highly sensitive, is awfully hard to share with our commercial or our private partners. But I tell our private partners, don’t worry about that so much, because probably 85% to 90% of the intelligence you need to defend your networks is available, you can buy it.
You can buy it from FireEye, you can buy it from CrowdStrike, you can buy it from any number of vendors, who can give you that threat intel. Very rarely is there’s so much more exquisite that the intelligence community can add to helping you to defend your network.
At the local level, at our level, the right public private partnership becomes really important. Then you go to the international level, and what you share becomes even more challenging, because the activity may be taking place in the international space.
I don’t know an attacker who goes directly from Vince to Kevin. The attacker is going to go from Vince to Bob, to Shirley, to Janice, and ultimately get to Kevin. Well, if part of the attacker’s network is in an international partner space, how do you deal with that?
Oh, by the way, the international partner’s looking at us because some of the attack is coming from Palo Alto, there might be a server that is running in Palo Alto that might be the key threat vector.
You got that coordination thing that you got to do, and you’ve got to be able to do that at the speed of the network. There’s a plane inbound to Europe, and it will be there in six hours, it’s going to be there in three milliseconds.
Someone hits send, execute, and it’s there. How do you do that coordination at network speed becomes an increasing challenge. How do you do that in a different set of privacy set of rules? How do you touch people’s data? How do you handle people’s data? How do you store people’s data?
Now, you not only complicated the problem by network speed, but you’ve complicated it by privacy and security implications. This is so different, again, this is why I tell folks,” I don’t know how you not get excited about this space.” Because you go back to when the United States declared its independence, someone had to write something down on paper, give it to a messenger who got on a boat, who went across the Atlantic, and delivered it to the king.
Today, I can do that with one key stroke. I type slow, so, it’ll take a little bit of time, but the average person types really fast and can hit send very quickly, and in milliseconds, it’s global.
I saw an email the other day, this is just going to be internal, we don’t want it to go to everyone around the network, because this is about the US and I go, I just need one person who just said, “You know what, I need to share it with Shirley.” And off you go.
You put in the subject line, do not disseminate further, and someone still disseminates it. Trying to do the key partner, private public integration in the United States is challenging. I talked about classification, but I also talk about proprietary.
Microsoft may not want Google to know their secret sauce. You got a whole other set of things that you’ve got to work through, and then you got to do that to our partners, our international partners, different standards for privacy, different standards for sharing. Yeah, this is not easy work, and we need the smartest minds in our country to help us think our way through how we do this more effectively.
Leischen Kranick: You talked a little about the international partnerships that are necessary to protect the whole network and identify some of the folks who are bad players in this space. I’m wondering, just throughout your career, have you seen those collaborations really improve among international players? Do you see countries reaching out and working closely?
I work a lot in the law enforcement space, and I know that there’s been a lot of great work with INTERPOL and just trying to really come together to fight a lot of whether it’s human trafficking or other things that are happening over cyber connections now.
Lt. Gen. Vincent Stewart: One of the things that I often talk to folks about is, who are the best players in this space? I think the United States is the best player in the space, followed probably by Russia and China, in terms of great powers.
But one of the things that the United States has is an alliance. We know that we can count on the Brits, the Australians, the Canadians, New Zealand, Israel. We have an alliance that not only have some—I didn’t add Israel in terms of the best players, but they’re among the best in this space.
When we can lean on a variety of key partners who gives us great insights, and we share, we collaborate, we coordinate very effectively, what I always wanted at the US Cyber Command was multiple pathways if I wanted to get after a target. Multiple authorities that I can use, it’s most effective at the time of need, and diversity of tools.
Now, the fact that I have these key partners and allies who’ve worked with us for many, many years, we are stronger as a group, we’re pretty daggone good is number one top of the pyramid. When we bring our partners in the way that we’ve shared and collaborated, there isn’t anything that we can’t do in terms of understanding the threat and countering the threat in this space.
Leischen Kranick: I’m just curious, do you feel like there’s a pretty good idea of where these bad players are in the world? Do you know that the majority of attacks are coming from certain areas, and that’s what everyone’s focused on collectively?
Lt. Gen. Vincent Stewart: If you’re a bad attacker, then you’re leaving your footprint, you’re leaving fingerprint behind the can be traced. The good actors make it very difficult to attribute, very difficult to track. But even so, there are some techniques that allows us to attribute to particular actors, because we’ve seen it enough times and seen it before.
We have a sense of who the players are, for the most part. I’m sure there are organizations in countries who are keeping their most sensitive and best capability for a time of crisis. But for the most part, we know who the persistent threats are. We know how they operate. We’ve been able to do enough good reconnaissance on those threats, and have mitigating strategies for some of them.
Leischen Kranick: Wonderful. You talked a little bit about the public private partnership. I wanted to just dive into that a little bit because this is a new space for you. Was it a shock for you to move into the private sector? Were there things that surprised you or what was your experience in that transition?
Probably the biggest transition is someone called me a couple of weeks ago and they said, “If you turn me over to your staff, we’ll get this coordinated.” I told them, “I am my staff.” The number one challenge is I no longer have a Chief of Staff, I no longer have a staff.
In the past I’d go, “I think I want to do a blah, blah, blah, blah, blah.” They’d go off and write blah, blah, blah, blah and turn it into something real. Now when I want to do a PowerPoint presentation I got to go, okay, which button do I push to make this PowerPoint thing happen? The loss of a staff has been interesting challenge.
Probably the other thing that surprised me and maybe it shouldn’t is how litigious we are. I grew up in 30 plus years on the handshake. “Hey, Bob, I’m going to be here, I’m going to do X, and you can count on me, here’s my handshake.”
In the private sector, you have to cover that handshake with a document, a piece of paper, where everybody agrees that the handshake will happen on Friday, and this is what it means. If you don’t, you’re subject to be sued. It is amazing. I knew we were a pretty litigious society, but that really has come home.
The rest of the things are pretty much translate. Leadership is leadership. It is not one size fits all leadership, you still have to know how to lead individuals and lead organizations made up of individuals. The idea that you can be firm with everybody as a leadership style will probably not work. Some people need firm and respond to that. Some people need more hugs than others and will respond to that.
It’s not one-size leadership-fits-all, but it is about leadership, it’s about knowing the people, understanding them, getting inside—this will sound more negative than I mean it to be—but inside their heads. Unfortunately, sometimes in the private sector, you don’t have enough time to get inside people’s head. It’s even more compounded now with COVID-19.
I’ve been with my new firm, Ankura, for about four months now. I’ve met one person physically in the four months. Everybody else I’ve met from the chest up in one of these conference calls. I think I know them, I hear what they’re saying, but they could quite easily be saying something and I’m missing the body language of what they really mean.
I find it exhausting by the time I get to the end of the week, because I’ve spent enough time on a video conference, but more importantly, I’m spending time trying to think, “What is she really thinking? I can see that she’s smiling, but I’m not quite sure.”
The other part of this first workforce, working from home, you have this wonderful thought, interesting idea. Under normal circumstance, you’d run down the hall and say, “hey, I’ve got an idea, what do you think?” You’d have that dialogue. You work your way through it.
Now you have to schedule a Zoom or a Skype. Two weeks later, you can finally get it scheduled, and you don’t remember what the heck you wanted to talk about.
General Alexander would say that he’d get in the back of his Suburban and wonder why it wasn’t moving, because you no longer had a driver. We’ve all had to discover that we have to park in the parking lot and walk to the building instead of being dropped off at the front door.
You don’t have a security detail, and so you’re wondering why that car seems to be following me. But most of the other work and the other principles translate very well to the private sector.
Dr. Kevin Harris: Well, you talk about some of that translation from the military to the private sector, what about the military mindset? How much do you think that comes into play in the private sector, and how that helps you become who you are?
Lt. Gen. Vincent Stewart: Yeah, there are a couple of things: the demand for excellence. I had an awful lot of things over the course of my career that were no fail. So, you had to be very good, you have to be well trained, you had to be well positioned. Your timing had to be right.
Those things still translate also to the private sector. Sometimes that’s stunning to me, or someone will say, let’s have a meeting with the CEO and you think, okay, someone’s going to set that up today, and three weeks later, you get an email, “Oh, yeah, we were going to set something up with the CEO.”
The timeliness, the responsiveness sometimes is challenging. But demanding excellence translates in everything you do. Sometimes folks get annoyed with me because I see a small thing on a PowerPoint presentation that’s not quite right: the alignment of text, the simple misuse of a word, and folks go, “Why are you worrying about that? That’s not the big… ” Well, if it draws my attention, it’s going to draw the attention of somebody else away from the context.
Demanding that things be precise and be excellent and be timely, are things that I spent 38 years of my career thinking about.
Challenging assumptions, we make assumptions and oftentimes we don’t go back and go, okay, so why did I make that assumption, and how does that impact as the environment changes? How do I understand the environment, so that if I build a strategic plan two years ago, I’m at least looking at it and thinking, “wow, when I did that we didn’t have COVID-19,” the environment has changed. So, how have I adopted and adapted to my environment?
One of the things that’s in my title is Chief of Innovation. What is innovation? How do we think as an organization about innovation? Is it just technology? Is it process, is it fill in the blank? How do you come up with a coherent definition of innovation without fear?
Because often times, most people think of innovation as change. Change means something that will impact me personally. I’m going to lose my parking spot, I’m going to be demoted because I’m no longer needed, I’m going to lose my office.
You start talking about innovation and change, and immediately the antibodies emerge to innovation. But if you’re not innovating, like I think we did in the Marine Corps, you’re going to be obsolete.
I often tell the story about Kodak that invented digital photography, and walked away from digital, because we got this wet film thing, and we’re dominating the market. As a result, Kodak went bankrupt and is irrelevant.
This is one of the things I loved about the Marine Corps, we’re always adapting, we’re always innovating, we’re always going, “Okay, how do we use this airplane? How do we use these boats? How do we… ” If you could do that in the private sector, and many organizations do this, I’m not saying not, but if you’re not doing that, then you’re on your way to obsolescence.
Gosh, I would love to be the guy who thought of Uber. Can you imagine when someone first said, “You know what, I think if we just let people drive their car, and we’ll put an application around that, and anybody can order up a car.” Somebody probably said, “That’s really stupid. They’re not going to do that.”
Creating this environment where urgency and innovation and excellence and timeliness and strong leadership translates very easily across the private sector.
If you can do those things, it is stunning to me to see organizations who have no idea what the vision is for their organization. If you haven’t defined the vision, and then you’re organized for that vision, and you’ve structured the leadership of up and down the organization, you’re risking failure.
And those are things that I translated from the Marine Corps. You have a mission, you’ve got a vision, you’ve got the organization, you test your assumptions, and you execute. I missed some steps, but the Marines in the audience will correct me later.
Dr. Kevin Harris: Thank you. If you don’t mind me asking one more question about the transition. As you know, a lot of our students are military students. What advice would you have for someone that’s transitioning away from the military into civilian life?
Lt. Gen. Vincent Stewart: A couple of things. You’ll have to have multiple resumes. You’re going to have to have one that translates if you want to stay in the military and in the government, because we use language that’s unique to the military and the government.
But if you don’t have a resume that translates to the private sector, it’s cool to say I was a platoon sergeant or platoon leader, what the heck does that mean in the private sector? You got to have that document, that resume that translates to the private sector, translates to the audience that you’re going after, but spend time with your resume.
Spend time building your network. I grew up in the intelligence community, and I didn’t want to do social media, I did have an account with Facebook that I never used for 10 years, I still don’t use it. But LinkedIn, I use LinkedIn. I signed up for it, I dabbled in it, but I didn’t accept any connection. But build that network because that’s the network you’re going to leverage and lean on to get your resume out, to tell your story.
Even if you’ve got Michael Quinn as one of the real experts on LinkedIn, he’s got some really good ideas on how you put your LinkedIn profile together to make it meaningful, and get people looking at your LinkedIn site.
Build your resume, build your network, be prepared. You’re going to get one shot at an interview in order to get a second interview, in order to get that final interview. So, you’ve got to be ready to tell the folks that will interview you, why in the world should they hire you? What’s your value proposition to them?
Because in the private sector, one of the things that I discovered also is that, for many years, I got to execute a budget. Someone said, “Here’s X million, X billions, go spend it.” In the private sector, you better make money in order to spend money.
So, you’re going to have to tell the story about what is your value prop? How are you going to help that company make money? I never thought about return on investments. I never thought about margins. Guess what, almost everything that I do today is “how do I get the best return on my investment?” How do I get that t-shirt built for $1.98 and sell it for $20? Because I need margins to cover overhead and cost of running the business and payroll and, and, and.
You’re selling yourself to that customer, that employer, that you’re going to add value, and you’re going to help them to get the best return and you’re going to help them with margins, and you’re going to help them with strategic planning, et cetera, et cetera.
You’ve got to have your story wired and ready to tell that story in order to get the second interview. If you’re really pushing for a higher level job, you’re going to get an interview or the senior vice president of human resources or something will start the conversation and that person will determine whether you get a second interview with the CEO or the president.
That person will determine, do I get another final interview? You got to be ready with your interview, and that’s got to be wired pretty tightly.
The adage you never get a second chance to make a first impression really becomes important. I think those are probably the three biggest things I tell folks to be ready; get your resume and get your network, get your story.
Leischen Kranick: I think that’ll be so beneficial to a lot of our military students who are considering transitioning to the, or are in the process of transitioning into the civilian workforce. I was hoping that you could put on your leadership hat.
At the university, we obviously encourage private businesses to hire veterans. I was wondering what would you like all human resources to know when it comes to the veteran population in terms of employees? Are there specific support to help those folks coming into the civilian workforce, or any other recommendations?
Lt. Gen. Vincent Stewart: I tell folks that we do a really good job of honoring our veterans. We have Veterans Day and we put out the flags all over. Far too often Veterans Day become big shopping sale day rather than about the veterans.
For what I tell organizations, I want them to do more than honor our veterans, I want them to care for our veterans. I want them to actively recruit veterans, I want them to make sure that the veterans, they take full advantage of what so many of our veterans have to offer. They’ve got good, strong leadership in many places in the private and in government sector, also. They don’t talk about leadership until you get fairly senior into the organization. They’re looking for technical skills.
In many cases, it isn’t until you become a government employee in the GS-13, 14, 15 that they start going, “hey, we ought to talk about leadership and how you might lead an organization.”
Well, we talk about leadership on day one, from boot camp or also candidate school, we’re talking about leadership and followership. Our veterans know both. They know how to follow leaders, and they know how to be leaders.
We’ve entrusted some of our veterans with multi-million, multi-billion dollar capability. I remember as probably a young major, briefing a fairly senior official in Japan. He turned to me and he said, “These kids are like 17, 18 years old, and they’re doing stuff that’s going to the President in the next 10 minutes.”
We’ve exposed these young men and women to an incredible amount of capability. We give them strong leadership opportunities. We trust them to make decisions, and then we hired them to stock shelves.
My argument to the private sector is take full advantage of what we do with these young men and women, take full advantage of their leadership, take full advantage of their decision-making skills, take full advantage of the fact that they are focused on mission. If you’re focused on mission and you have the tools, they’re going to help you to be successful.
That’s the message I give to the corporate sector, go find them, go recruit them, give them jobs, that’s commensurate with their expertise.
I very rarely take on an organization that doesn’t have the veteran in mind. Some of them are starting to realize that the first thing they got to say if they want me to be part of their advisory board is that they’re strong supporters of the veterans.
For our veterans who are going out there, know that I’m demanding from corporate sector that they fully utilize you beyond just checking the block. The expectation is strong leadership, strong decision-making skills, and a commitment to excellence, which is what we preach in our military.
Dr. Kevin Harris: Thanks. I’m sure all our veterans really appreciate your continued advocacy for them in corporate America.
When we talk about in the tech field, a lot of time soft skills questions come up. What about some of the soft skills that are required and the importance of having those?
Lt. Gen. Vincent Stewart: Tell me a little bit first about what you mean by soft skills?
Dr. Kevin Harris: The ability to present material, whether it’s orally or even written format. And be a team player, working within groups or other members of a team, both managing up, managing down.
Lt. Gen. Vincent Stewart: The first thing I thought about was communication skills, whether oral, written communications is so important. Folks are judging immediately what comes out of your mouth and how it comes out.
Again, this goes to part of what we learn in our military about preparedness. I’ll get this quote wrong, it’s something to the effect that “better to keep your mouth shut and presume to be an idiot, than open your mouth and confirm that you are” and that’s a paraphrase.
But I want to make sure that when you open your mouth to say something, people lean forward, get their notebook out and are ready because you are going to present verbally something that’s powerful, impactful, meaningful, it changes the dialogue, enhances the dialogue.
If what you’re going to say is going to be gobbly gook, then just shut up. Don’t say anything.
When I was first at the Pentagon, Secretary Rumsfeld was the Secretary of Defense. The guidance basically was if you’re sending a memo up to us, it has to be one page, Times New Roman, 12 bits font.
Then you go, “I can’t get all my stuff on one page.” Well think about the Secretary of Defense, 1.3 million men and women in uniform, another 800,000 or so in National Guard and Reserve, 700,000 or so civilian. If every one of them sent him a one page, let’s just say 10% of them sent to him, that’s an awful lot of reading.
So, you have to be very clear and very concise and get to the point. Here are the issues. Here’s the assumptions we made. Here’s the decision you need to make. Now, there are 600 other pages that go behind it. But that’s the job of the staff officer then to capture what’s in those 600 pages, and get succinct, powerful written communication that helps decision makers.
I used to ask my mentees, and I don’t do this as much as I used to, I used to ask them to write 800 words on something every day. I was driving down the road and I saw a yellow Volkswagen and here’s 800 words about it.
It’s like any other muscle or any other activity, the more you do it, the better you get at it. As you get to Saturday, and you start reading what you wrote on Monday, you’re like, oh, this was pretty horrible. But hopefully Tuesday, it was better and Wednesday, it was better.
I often asked my mentees that they got to be reading all the time. I don’t mean, if you’re in the cybersecurity space, you got to read about cybersecurity, read something different every day. I’ve got a 700-page book here that I hope to get to read. It’s the latest Obama memoir. I didn’t realize how thick volume one was, I might not have bought it.
But I want folks reading and writing and thinking about how to communicate every single day. I mentioned body language. It is really important to think about what you’re communicating—70% of communication is body language. What message are you sending with your body as you interact with people?
Probably the most important skill, soft skill, I think, and I often say to folks, “God gave us two ears and one mouth to listen twice as much as we speak.”
Listen to people, really listen to them. Someone’s going to start talking, and they’re going to hit a word that triggers some emotion, and you’re going to spend the rest of your time thinking about that triggered emotion, and you will not have heard why they use that word.
Listen twice as much as you speak, especially if you’re the leader in the organization, you’ve got to be listening, you’ve got to be watching body language of the folks you interact with and you’ve got to be ready to communicate completely.
One of the things I used to do is I get into the staff meeting, and you got to the key leaders at the table, and you got some folks on the back row. I love looking at the reaction of the folks on the back row. They’re going, “Oh, that’s really stupid. I can’t believe they just said that.” I’ll call one of them out and go, “So, what are you thinking?” That, of course will shut up all the people at the front table and go, “Why is he talking to folks in the back row?”
Dr. Kevin Harris: I heard you talking about reading and writing there, and also just when you’re talking about some of the things you work with your mentees on writing and learning, looking at what they were doing. Just had me think about the importance of being a lifelong learner, your role on the Board of Trustees with education. Just what’s your views on the importance of education, a well-rounded degree?
Lt. Gen. Vincent Stewart: At the end of the day, we can’t see every part of the world and every event that has occurred. When I was a young boy, we got the Encyclopedia Britannica, and then you got your annual update. It was like the world didn’t change for a year. Where we are now is I want to know a little bit about Egypt, and I want to know a little bit about bioterrorism, and I want to know a little bit.
Creating that inquisitive mindset about knowing and finding organizations that encourages that kind of learning and knowing just makes you a better person, makes you a better citizen.
We take for granted some of the great opportunities we have in this country. One of the reasons I tell my story is that no other country on the face of the Earth could my success occur, and I mean that.
To go to a country at age 13, get an education, get opportunities, able to take advantage of most of the opportunities, and rise to be a Three-Star General in the greatest fighting force the world has ever known, and to have the opportunity to be a Director of an intel agency and to be the Deputy Commander of the US Cyber Command. To have the opportunity now to do what I’m doing with the transition team. There is no other country where this is possible.
All of that is underpinned by knowing some stuff, being educated on some stuff, being the expert on some stuff. That doesn’t happen by just going to sleep at night and getting eight hours sleep and then having breakfast.
It means you’re in the books, you’re reading, you’re looking for an advanced degree that will challenge your intellect. I do mean challenge. I use that word, because it’s not just about, oh, I like Russian history, and that’s easy. So, I’ll just do Russian history. Do Russian history that challenges your intellect, and drives you to another level where you are, in fact, the expert in this space.
I can’t speak enough for continuous education, continuous learning, continuous driving the development of your intellect, because I think that opens up all the doors that are possible in this country.
Dr. Kevin Harris: Just want to say, wow, thank you for being an inspiration to many, I appreciate it. Thank you for sharing your expertise and experience across the wide areas including cybersecurity. And thank you for your continued contributions to our university.
Lt. Gen. Vincent Stewart: It has been a pleasure and I wish all the folks who hear this podcast the very best. Drive for excellence, drive for commitment, and it doesn’t matter what state you come from, we’re all United States Americans. So, keep that in mind in this very, very difficult time. Thank you all again and God bless.
Leischen Kranick: Thank you much, sir, and thank you to our listeners for joining us. Please subscribe to Protect and Secure to be notified when new episodes are released. Be well and stay safe.
About the Speakers
Dr. Kevin Harris is the Program Director for Cybersecurity, Information Systems Security and Information Technology at American Military University. With over 25 years of industry experience, Dr. Harris has protected a variety of organizational infrastructure and data in positions ranging from systems analyst to chief information officer.
His career encompasses diverse experiences both in information technology and academia. His research and passion are in the areas of cybersecurity, bridging the digital divide, and increasing diversity in the tech community. As an academic leader, Dr. Harris has instructed students at various institutions, including community colleges, HBCUs, public, private, graduate, undergraduate and online. He has trained faculty from multiple institutions in the area of cybersecurity as part of a National Science Foundation multistate CSEC grant.
Lieutenant General Vincent Stewart (Retired – USMC) is currently the Chief Innovation and Business Intelligence Officer for Ankura, based in Washington, D.C. Before Ankura, during a military career that spanned nearly four decades, Lt. Gen. Stewart served in many senior roles, including Deputy Commander of United States Cyber Command. He provided strategic leadership to more than 10,000 personnel executing the full spectrum of cyberspace operations, including securing the Department of Defense’s Information Network, which consisted of 3 million users in 140 countries across 15,000 networks and 6,000 physical locations.
Before that, as the Director of the Defense Intelligence Agency (DIA), Lt. Gen. Stewart effectively managed a global organization of over 16,000 personnel operating in more than 100 countries, delivering intelligence on the military capabilities of potential adversaries. He provided intelligence briefings to the President of the United States and National Security staff regarding global emerging threats and opportunities, as well as regular global threat briefings to congress to inform policies and budget decisions impacting the Department of Defense. In this role, Vince also served as the principal advisor to the Secretary of Defense and the Chairman of the Joint Chiefs of Staff on military intelligence-related matters.
Earlier, Lt. Gen. Stewart held the position of Commanding General, Marine Forces Cyberspace Command, where he was the principal cyber advisor to the Commandant of the Marine Corps. Lt. Gen. Stewart has also served as the Director of Intelligence, United States Marine Corps.