ArchiveOODA OriginalSecurity and Resiliency

Clapper and Ashley on Joint Ops/Intel Operations, Decision-making, the History and Future of Intelligence and Cyber Threats

In April of this year, Bob Gourley had a conversation with General Jim Clapper. Security, risk management and intelligence professionals all know of Jim Clapper. He had a long and distinguished career in the US Air Force, which included leadership spanning the Vietnam era all the way to the end of the Cold War. By the time he retired he was a three-star General, leading the Director of the Defense Intelligence Agency. After retirement, he would later return to government service as head of the National Imagery and Mapping Agency just three days after 9/11. In 2007 he was named the Pentagon’s top intelligence official (USDI), serving as an appointee in both the Bush and Obama administrations before President Obama appointed him DNI.  He is the author of the book Facts and Fears: Hard truths from a life in intelligence.

In March, Bob conversed with Lieutenant General Robert Ashley, USA (ret) was the 21st Director of the Defense Intelligence Agency (DIA). He retired in November 2020 after over 36 years of active-duty service as an intelligence officer. He had previously served as the Army’s lead for all intelligence (the Army Deputy Chief of Staff, G-2), where he was the senior advisor to the Secretary of the Army and Army Chief of Staff for all aspects of intelligence, counterintelligence, and security.  During his long career, he commanded organizations charged with gaining insights into adversary intentions and making them actionable for decision-makers. This included work overseas including six combat tours in Iraq and Afghanistan as a squadron, brigade commander, and Deputy Chief of Staff for Intelligence (J-2). Other tours included assignments leading intelligence for the Army Joint Special Operations Command; United States Central Command; and for all US forces in Afghanistan. He also led Army intelligence training and education.

We continue our effort to underscore certain patterns and themes found throughout the OODAcast library of over 80 conversations with leaders and decision-makers, on topics such as leadership, empowering a team, finding the right people, clear decision-making while operating in a low information environment, situational awareness and the qualities and best practices of a true leader.  Themes in these conversations include the nature and history of intelligence, the importance of Joint Ops/Intel operations, the future of intelligence, and specific characteristics of the cyber threat.

“Intelligence cannot be a self-licking ice cream cone – intelligence for intelligence’s sake.”

Bob Gourley: You know, General, by the time I first saw you were very senior. I was very junior in the Navy. Very Joint, of course. And you were delivering a presentation where you were making a lot of points. This must have been like in 1991, 1992, you must have been Director of DIA. And you talked about things like what intelligence should be. And I remember it to this day. You said: intelligence cannot be a self-licking ice cream cone – intelligence for intelligence’s sake. You also said that intelligence professionals should never be lulled into being historians and just reporting on things that have happened. We need to lean forward and be proactive and predictive. And I wonder although I heard those kinds of things from you near the end of your military career, in your early formative days where those kinds of points were underscored for you?

Jim Clapper: Exactly Bob. That is a great question – and very perceptive and because intelligence was largely historical it was very slow. You know, we would track reactions to airstrikes through, by monitoring North Vietnamese air defense communications, which are high-frequency manual Morse, very slow. And then, you know, acetate and grease pencil, we try to recreate the tracks well. By the time all that lapsed the pilots are back at bases in Thailand having a beer, and we are still trying to recreate these maps of what happened. And intelligence was in many cases was sort of entertainment at the briefing. And it was rarely anticipatory or useful for decision-makers. That has improved a lot in my time. And the technology has gotten faster and faster. We are able to move more and more volumes of data quicker.

We [now] have persistence in the form of our RPBs and there are so many technological innovations that have profoundly changed the nature of intelligence. But in those days, it was really slow. As a consequence, the Air Force produced a generation of Generals three- or four-star generals or captains and majors, pilots in Vietnam, who grew disillusioned with intelligence as well. Not only because it was slow, but also because they felt that we were hiding things behind the green door. We really weren’t, but that was clearly the image, and it took a long time for that culture, if you will, to wash out of the Air Force.

The self-licking ice cream cone metaphor is meant to imply or convey that the intelligence community should only do things that the policy community tells it to do. And by policy, policy writ large – whether military commander, diplomats, whomever. There was supposed to be a rigorous process by which policy needs are expressed. And then that is translated in terms by the intelligence community and its individual components into actual resources, capabilities, manpower, et cetera, that are applied against those priorities. So that is an important point I want to make  – as it should not slip by.

“…the takedown of UBL (Osama bin Laden) is also a testament to persistence and not giving up and patience.  Painstaking patience…”

Bob Gourley: Let me get back to this topic of intelligence in history. I think another thing that happened on your watch as Director of National Intelligence (DNI) was the Osama bin Laden raid. And I can only assume based on what I have seen, that is an example of more pro-active intelligence that was not waiting to see what we discover. It was going out there and hunting for data and coming up with assessments and validating assessments and continuing to iterate. What would you say?

Jim Clapper: You are quite right. And I highlight the takedown of UBL (Usama bin Ladin aka Osama bin Laden) on the 2nd of May of 2011 as a real highlight – as opposed to a lot of low lights. It was a textbook example, Bob, of a partnership between intelligence and operations in this case, specifically, Special Operations. And it is also a testament to persistence and not giving up and patience, painstaking patience to track down the whereabouts of UBL. So, it was a real classic textbook example. I also have to acknowledge that President Obama made a very courageous decision to go ahead with the raid. There was – right up to the last minute – a debate about just how to conduct it, you know, stand-off and munition or a Special Ops operation. And he opted for, I thought, the most promising option but probably the greatest political risk.

But it was a tremendous example of the partnership that can exist between operations and intelligence. And I will tell you, I will never forget after being closeted in the White House Situation Room for 13, 14 hours that day – and the President when he was finally confident that it was UBL, and he was going to address the nation. A few of us went over to the East Room where he gave the address. I will never forget walking out the door down on the Portico next to the rose garden. And I opened the door, there was a crowd, word had gotten out. It was a crowd chanting, “USA, USA, USA” and boy, it really hit me emotionally what that event meant. It was closure for the country and certainly closure for the intelligence community and for all of us in intelligence and it was closure personally.

Bob Gourley: And so, a couple of lessons there that you just underscored. One is I have seen intelligence and decision-making being done separately in terrible ways that is theself-licking ice cream cone of Intel. And I have seen it work well together. And this is a classic example of working extremely well together. And being proactive when it comes to intelligence. What you just described, the UBL  raid, I think underscores really well the importance of Ops and Intel working together. I have seen the opposite too. I have seen working separately to disastrous results. But it also underscores the importance of proactive intelligence and leaning forward and collecting the right stuff. And not being this historical reporter of information only but making some projections and calls.

“Our approach traditionally has been to be very precise, surgical, and legalistic in the use of a cyber weapon.  Well, you cannot count on adversaries to be similarly precise, surgical, and legalistic.”

Bob Gourley: I want to mention another topic area where the Intel community needs a lot more work and that is cyber security and the cyber threat. I have tracked the Intel community and this domain since 1998 when I got involved in it personally. They do wonderful work. But most of it seems to be historical: who attacked us last month? And how do we attribute that? Very little is being seen commercially on who is going to attack next and what are their capabilities. The greatest sources of intelligence in cybersecurity, in my opinion, seem to be commercial companies like FireEye who acquired Mandiant. They produce assessments that are well-read by everyone, and it always puzzled me. Is there more the intelligence community can do to better serve U.S. policymakers and industry in America on what the nature of the cyber threat is? Can it be more proactive?

General Clapper: As far as cyber is concerned, there is no question there can be an improvement.  There are a couple of obstacles, at least that I encountered. One was, of course, the sharing and the obstacles to sharing in both camps – whether the intelligence community on one hand and the commercial side on the other – have understandable reasons why there is a reticence to share. In the case of the intelligence community, of course, it is the proverbial sources and methods and tradecraft. On the commercial side, there are proprietary interests, shareholders, boards, that sort of thing, to inhibit sharing. In fact, I was part of an effort in Congress to legislate sharing and I did not succeed. So I think people have to understand what the reluctance is. The other thing that prevails – certainly in the case of the SolarWinds attack if you want to call it an attack, actually, it was great espionage – are the restrictions on the use of the national foreign intelligence apparatus in a domestic context.

That is way over the labor grade of the IC, but something needs to be done about it because the intelligence community, despite what some people think, is going to try to stay within the guard rails imposed by the law. And so there needs to be legislation from two standpoints. One that would promote sharing and or mandate it. And the other thing is how can we bring to bear the resources, the considerable resources of say an NSA, into what could be a domestic context? Having lived through Snowden that is a real point of sensitivity. That is why Congress has to act to improve this.

One other point I’ll make.  It is something we ran into during the Obama Administration- it is probably different now – is the notion of responding to a cyber-attack. In other words, we get a cyber-attack we’re going to counterattack. Well, what inhibits that I found is if you do not know how the adversary you are attacking is going to counter retaliate and whether or not you have the ability, you are resilient enough to absorb such a counterattack. Our approach traditionally has been to be very precise, surgical, and legalistic in the use of a cyber weapon. Well, you cannot count on adversaries to be similarly precise, surgical, and legalistic. So those are all complications that enter the fray when you are trying to decide to do what to do about the SolarWinds attack or the attack against Microsoft.

“But the other one – and it relates to the cyber piece – is supply chains.  Doing the due diligence on the supply chain.”

Bob Gourley: I would also like to ask some of your insight into the current threat environment. Can you tell us what you think would be relevant for corporate America to understand regarding the international threat environment today?

Robert Ashley: Yeah. And it is interesting because the two things I would focus on are not a surprise to anybody. As a matter of fact, the second one, more at the forefront of people’s thoughts, is the pandemic. But, you know, when somebody asks me “What keeps you up at night?” It is really cyber.  It is the internet of things. It is the ability to, at some point, you can hack somebody’s toaster, or you can hack somebody’s aircraft carrier, or you can hack somebody’s refrigerator, the interconnectedness of everything from the internet of things and cyber concerns me because it has near instantaneous ability to reach globally, right? So, when you think about, when people talk about Thucydides and the nature and the character for war, you know, fair honor and interest, but the character of war changing because technology is changing. The instantaneous nature in which you can reach out from a cyber standpoint – whether it is a Trojan horse, a SolarWinds kind of sitting there and I am watching your infrastructure, or to really get into the power grid or the banking system and having access and just waiting for the possibility that you may want to do something that is destructive in nature – is concerning.

I am listening to a book right now. That is kind of goes through this history of zero-day attacks, the life of hackers, and all that stuff, there is a whole subculture, which you are aware of that is out there that sells, you know, zero-day vulnerabilities. The ability to patch it and to understand those things. And then you layover that your critical infrastructure. And you kind of have a gentleman’s agreement in a lot of ways that says, okay, we are not going to go after banking. We are going to come in and do some things but may not be as nefarious because of the escalating nature of it, or that you may come back and go after my banking or kill power to a hospital. And you kill patients. That concerns me.

And there are so many things that shoot from that. In terms of disinformation, you look at what the Russians are doing right now and disinformation campaigns and how prolific they are in that space. But the other one is, and it relates to the cyber piece, which is supply chains. You know, we saw those incredible vulnerabilities in protective equipment. When we found out who is producing the PPE, who is producing a lot of the drugs and stuff that come into the U.S. But something as innocuous as a chip, or, you know, a camera or a piece of electronic equipment that when you look at the second and third-tier provider in a contract you realize, hey, did you guys know that Kaspersky is actually putting the industrial control systems in your HVAC in your facility? Like, oh my gosh, I did not realize that.

So, it is doing the due diligence on the supply chain. And I think the other part about cyber, and this is one of the areas that we will see mature more in the future. It is one thing to have cyber defense, but the other thing is, and I know this is already happening, offensive teams that hunt in your own network. So, it is one thing to sit there and go, okay, well I am going to put up firewalls and I am going to have all these great defensive capabilities. But the other part of that is you really need to be offensive in your defense, in your own network, and start hunting in your network looking for those anomalies. That might have gotten the guy at Firefly quicker to see two phones registering, that one ominous day where he looked at went, “Okay, that’s not supposed to happen.” You know, then he was able to discover it. But it was, I do not want to say it was by accident, but we are fortunate that he did. Being offensive and hunting in your own network will be something that I think we will be talking about more in the future.

“What was the most important decision that you made when you were the DIA Director?  My answer was the most important decision I ever made was that I did not have to make every decision.”

Bob Gourley:  Right. I know the United States Central Command is one of the busiest places on the planet. And the J2 there must deal with a lot of information and the subordinate components do also. It must be overwhelming. A lot of that information is false, contradictory, hard to understand, hard to assess. It is the real pressure cooker environment. And it must have really tested your abilities to maintain awareness of everything you needed to drive that operational command. So, I wanted to ask both there and any of your other positions – what other lessons do you have from being an operational intelligence officer at this pressure cooker kind of place that might be of use to those who follow in your footsteps or who are in industry today?

Rober Ashley: I think the important thing is to realize that you cannot do everything and that you have got to put together a good team that you trust, and you have got to empower them. You know, the days I spent at CENTCOM were the longest ones in my career. It is the only time that I did not do PT during the week. There was so much information to try to absorb and I have just pinned on the star, just left JSOC (Joint Special Operations Command) and got down to CENTCOM and I have got this legend, General Mattis, who is the commander.

The read book itself – you can spend hours in the read book every morning. It is not just the PDB (Presidential Daily Briefing) that is focused for senior leaders like the President. You look at all the intelligence that has come in – so I was at my desk at five in the morning and I would spend the first two hours before we had our first meeting, the first kind of the ops review with the three about two hours going, okay, I got to get through as much of this as I can cause I am not going to have time. And so that was the only job I ever had where I did not do PT during the week. I did not carve time out. That is a mistake because I needed to make that time. But the real lesson here is that you do not have to know everything. You got to empower the workforce, you got to build the people, put them in a place, and trust them.

It really is about putting together a coherent team and let people do their job, making sure they are trained, make sure they understand what you need and it is okay to leverage them. So, when you go into a meeting or a briefing and, and I have seen this repeatedly, you do not have to be the person that is giving the brief all the time. Lots of times, as a matter of fact, more times than not, the person who you are put in front of  – Mattis, Milley, McRaven, McChrystal- is the subject matter expert. And I am going to be in there for color commentary or an additional point that I want to emphasize, or just to hear the feedback directly from that senior leader who either may agree or disagree with the analysis. Or say, hey, here is a follow-on because a lot of times those sessions with the analyst for that senior leader is a great opportunity to task [people].

I had an interesting question that I was asked on my “out brief” at the DIA. And the question was “what was the most important decision that you made when you were the DIA Director?” My answer was the most important decision I ever made was that I did not have to make every decision. There were all kinds of people that were very, very good at what they did. Keep me informed. Right. Don’t let me get surprised, but do not wait for me. You know the intent. Let’s go.

Watch or Listen to the Full Interviews:

Jim Clapper Shares Wisdom From A Career in Operational Intelligence

Lessons In Leadership, Intelligence Analysis, and Geopolitical Trends From Retired LTG Robert Ashley, former Director of DIA

General Ashley’s book: 

Facts and Fears: Hard truths from a life in intelligence

OODAcast 9/11 Perspectives: 

Decision-Making Inside the CIA Counterterrorism Center Before, During and After 9/11

A CIA Officer and Delta Force Operator Share Perspectives on 9/11

Additional Resources in and references on Intelligence:

  • A Practitioner’s View of Corporate Intelligence: Organizations in competitive environments should continually look for ways to gain an advantage over their competitors. The ability of a business to learn and translate that learning into action, at speeds faster than others, is one of the most important competitive advantages you can have. This fact of business life is why the model of success in Air to Air combat articulated by former Air Force fighter pilot John Boyd, the Observe – Orient – Decide – Act (OODA) decision loop, is so relevant in business decision-making today.
  • Useful Standards For Corporate Intelligence: Discusses standards in intelligence, a topic that can improve the quality of all corporate intelligence efforts and do so while reducing ambiguity in the information used to drive decisions and enhancing the ability of corporations to defend their most critical information.
  • Optimizing Corporate Intelligence: Actionable recommendation on ways to optimize a corporate intelligence effort. It is based on a career serving large-scale analytical efforts in the US Intelligence Community and in applying principles of intelligence in corporate America.
  • An Executive’s Guide To Cognitive Bias in Decision Making: Cognitive Bias and the errors in judgment they produce are seen in every aspect of human decision-making, including in the business world. Companies that have a better understanding of these cognitive biases can optimize decision-making at all levels of the organization, leading to better performance in the market. Companies that ignore the impact these biases have on corporate decision-making put themselves at unnecessary risk.
  • Global Risks and Geopolitical Sensemaking: A collection of critical resources for any organization seeking to track, and mitigate risks due to international geopolitics events and actions.

Daniel Pereira

Daniel Pereira

Daniel Pereira is research director at OODA. He is a foresight strategist, creative technologist, and an information communication technology (ICT) and digital media researcher with 20+ years of experience directing public/private partnerships and strategic innovation initiatives.