02 Mar McAfee 16 Cyber Security Doctrine
McAfee 16 Cyber Security Doctrine
AN EXCLUSIVE PROVIDED TO THE EDITORS AT CYBERSECURITY VENTURES
Oct. 22, 2015
John McAfee is running for President on the Cyber Party ticket. He has chosen Cybersecurity Ventures to publish his Cyber Security Doctrine, in hopes that it will reach as many U.S. citizens and members of the media as possible. Cybersecurity Ventures is not affiliated with the McAfee 16 campaign, and neither endorses nor opposes John McAfee’s candidacy. We encourage every presidential hopeful to present their views on cybersecurity to the American people.
CYBER SECURITY DOCTRINE
“The U.S. Government is largely illiterate in the digital sciences and lags Russia and China by a substantial margin in cyber security.” – John McAfee
- We are in a cyber war with China, and have been for more than 5 years. The Chinese attacks on Homeland Security, the Department of Defense and the FBI went nearly undetected and the massive attack against the Office of Personnel Management was ongoing for two years before it was even noticed. Our response to these acts of war was to hire consultants to make OPM personnel feel better about themselves. This sole response indicates a paralysis within our government and a need for massive change.
- This change must happen immediately. The Chinese are already capable of the mass destruction of the infrastructure of the U S. entirely without the use of arms.
- The overwhelming majority of the firmware used in US communications and digital processing was written by Chinese companies under Chinese Government direction and can be fully co-opted by the Chinese, using hidden back doors, at any time of their choosing. This would mean the total collapse of all digital communications in the US, including the collapse of our Internet.
- The Chinese have secretly commandeered many of our satellites that are used for communications and are using these hijacked satellites in order to hide their entry into our critical control systems.
- The U.S. Government, at the Executive level, must immediately create an Office of Digital Transformation, with the imperative to develop cyber defense systems and procedures within every department of the Executive branch. The development of these systems and procedures must be given the highest priority.
- We must recognize that National Defense cannot be achieved through defensive systems only. Deterrent is a necessary element, and this can only be achieved through the creation of offensive cyber warfare tools.
- These offensive tools must be developed hand-in-hand with our defensive tools, and therefore must fall under the full control of the office of digital transformation.
- The staffing for the Office of Digital Transformation must come from outside of the current government personnel pool. This is of extreme importance. Our current problems are a direct result of our ossified personnel structure and personnel influences. We cannot have the most critical office within the government tainted by our past weaknesses.
- The U.S. currently possesses the the largest and most talented pool of cyber security specialists in the world. These specialists congregate multiple times each year in various locations, culminating in the annual Defcon conference, comprised of upwards of 50,000 specialists. These specialists compose our Hacker Community.
- Our Hacker Community is overwhelmingly composed of White Hat hackers. These hackers perform the critical function within our industrial complex of hiring themselves out, in teams, to corporations in order to improve corporate cyber security.
- Red Teams develop strategies, procedures and systems to attempt to break into their clients’ data and operations centers with the intent of accessing information critical to the functioning of the corporation.
- Blue Teams take over the responsibility of securing the corporation’s digital assets and implement systems and procedures to attempt to block the Red Teams.
- At the end of each project, the Red Teams and Blue teams jointly advise the corporation of action plans that must be implemented in order to create a more secure environment.
- The U.S Government, in order to staff the Office of Digital Transformation, must immediately begin active recruiting within our Hacker community. This recruiting must focus at least 75% on specialists with heavy Red Team experience. Red Team talents can be used for the development of both Defensive and Offensive systems. Many specialists are experienced in both talent sets.
- The ODT must be divided into two branches: Cyber Security Defense Systems, and Cyber Warfare Weapons Development.
- Cyber Security Defense systems must be structured in a manner that mirrors the existing structure of government program offices. ODT staff will be assigned to each program office to immediately analyse and re-structure the digital systems with each department in order to elevate each department with highest possible level of cyber security.
- Cyber Warfare Weapons Development will be staffed by Red Team specialists capable of attaining a Top Secret Security Clearance and must be directed by a seasoned cyber security executive recruited from within the corporate cyber security world. It must have an advisory board established by the Pentagon.
- The ODT can be funded in a variety of ways. My suggestion is to disband the TSA in its entirety. It has been been well established that it is ineffective. Bolstering the on-board armed Marshall program will provide real security. The TSA budget is close to 8 billion dollars per year. The salaries for the nearly 50,000 screeners is less than 2 billion dollars. If we sent them all home but continued to pay their salaries we would not burden the unemployment rolls and we would still save nearly $6 billion per year in overhead. Even if only 50% of the overhead could be saved, that would still be an annual savings of $3 billion. With $3 billion per year we could hire 10,000 of the World’s top cyber security specialists and possibly save this great nation of ours.
Steven C. Morgan, Editor-In-Chief
- is Founder and CEO at Cybersecurity Ventures, and Editor-In-Chief of the Cybersecurity Market Report and the Cybersecurity 500 list of the world’s hottest and most innovative cybersecurity companies. Steve writes the weekly Cybersecurity Business Report for IDG’s CSO, and he is a contributing writer for several business, technology, and cybersecurity media properties.
© 2015 Cybersecurity Ventures. All rights reserved. Federal copyright law prohibits unauthorized reproduction of the material on this web page by any means and imposes fines up to $150,000 for violations. Reproduction in whole or in part in any form or medium without expressed written permission of Cybersecurity Ventures and the McAfee 16 Campaign is prohibited.