Time for a Four Star Cyber General

Cyber is everywhere in our lives today and it is our greatest strategic weakness.

In 2015, the FBI and Department of Homeland Security determined that Chinese sources, likely the Chinese Army, hacked the federal government’s Office of Personnel Management, stealing 21.5 million applications for security clearances. Not only were vital statistics like social security numbers and credit histories vacuumed up but also family relationships and social networks. Not even such a blatant and dangerous data security breach spurred the government beyond holding a couple of face-saving Congressional hearings.

Wikileaks disclosed information hacked from the CIA that exposed our ability to track terrorists through their cell phones. The result tipped off the terrorists, who’ve returned to more primitive but harder-to-track methods of communication.

Global “ransomware” attacks on hospitals have done little to prompt even a single Congressional hearing.

Equifax Credit Bureau was so careless with the data it collects from all Americans involuntarily that hackers roamed undetected through its huge credit databases for nearly four months, stealing the information of nearly half of the American people – using what appears to be a specific set of selection criteria. The government’s response: Consumers can sue Equifax.

The Securities and Exchange Commission’s EDGAR System was hacked a year ago (August 2016). It is likely that some person or persons or country unknown had access to the financial reporting data of every publicly traded American or multi-national corporation before that information was made public, as required by law. Congress and the American people were not told until the appointment of a new SEC Chairman in September 2017.

For almost a year, hackers were able to use (or sell) “insider trader information” to trade on specific stocks before the company’s public announcement of earnings. Such trading is a federal crime.

Just last week, the Department of Homeland Security released a list of 21 states where Russians successfully or semi-successfully hacked into state election systems prior to the 2016 Presidential election.

Taken together these are hostile acts against the nation and the people of the United States – as surely as if those bits and bytes were bullets.

In this war of bits, bytes, and the dark web, there is no “frontline” and Congress is not doing its job: building an army to protect you and me – the American people – from a nefarious global network of economic terrorists.

No American is Safe:

Almost every aspect of daily American life is connected to the World Wide Web.

When you:

  • Apply for a job
  • Apply for a mortgage or rental approval
  • Watch television
  • Shop – online and off
  • Buy groceries at the local grocery store
  • Dial 911 in an emergency
  • Catch up with friends
  • Make a medical appointment
  • Pay the basic monthly bills
  • Save for retirement etc.

The details of every transaction are collected by numerous public and private interests – irrespective of your Constitutional right to privacy. Under the best of circumstances, this data is summarized and sold to better “target” you as a customer.

In the hands of a criminal, this data can be used to steal your identity. It can be used to blackmail you into, for example, spying against your employer, your neighbors or friends. It might allow a health insurance company illegal access to your genetic profile.

Protect Our National Infrastructure

There is no part of the infrastructure that we all depend on that does not, also, depend on technology:

  • Weather forecasting
  • Water storage and transport
  • Power generation and transport
  • Farming
  • Air travel
  • Rail travel
  • Ocean and river craft
  • Your family car
  • Corner gas station
  • Hospitals
  • Police Stations
  • Jails
  • Military Installations and Military Hardware etc.

It is not classified information that our government, private and public utilities and other quasi-government agencies have acknowledged their vulnerability to cyber attack.

Stop for a moment and think what the consequences would be if, for example, your electric utility provider were held for ransom by a hostile government or non-state actor. Denied electric power, many activities we take for granted would quickly stop. What would the social consequences be if gasoline pumps stopped pumping, grocery stores couldn’t refrigerate or even check out your groceries, ATMs could not dispense cash, and credit card transactions could not be verified across a wide section of America?

Every automaker and others including Apple and Google are working on the “inevitable” driverless car — navigation via the Internet. WHAT IF a terrorist or state actor hacked into the driverless car fleet and turned our interstate highways into real-time bumper cars?


Several states have started to regulate autonomous vehicles, remote home security and other technologies that could put Americans at risk. Not so Congress.

Congress is worried about other things: for example, to build or not to build a wall on our southern border.

Daily reports of massive data breaches and repeated theft of Americans’ personal data by criminals and hostile state actors, over several years, haven’t prompted Congress or the President – past or present – to take the necessary steps to protect everyday Americans from this new and potent threat.

Congress and state governments have been repeatedly briefed on the vulnerabilities of our power grid and communication systems to cyber attack. But none of those briefings have moved Congress to debate or legislate additional cyber security measures outside the reactive Homeland Security Department’s Computer Emergency Readiness Team.

It is well past time that Congress act proactively to establish a cabinet-level CYBER SECURITY Department to coordinate all military, intelligence, law enforcement and private sector cyber security initiatives.

Every American has a right to expect Congress to take all steps necessary to protect the life, liberty, privacy and security of every citizen.

As much as we expect our military to be one step ahead of our potential enemies – so must our cyber sleuths.

Graphic courtesy of us.123rf.com


True TSA Story–Blond Ponytail is Dangerous Weapon

As a “million mile flyer”– I am skilled at managing my way through airport security with as little hassle as possible.

Even when I am “TSA Pre-cleared” I always have my liquids in one regulation size plastic bag, always declare my iPad or PC, and avoid wearing jewelry or high heel shoes that can set off a metal detector.

But I was completely unprepared for my experience with the TSA this past week.

Career Girl Hairdo Threatens Airplane

On Tuesday I had an early morning flight from San Jose to Los Angeles – the outbound leg of a one day round trip. Pursuing my no hassle, no stress strategy, I wore a pair of fashionable flat sandals with my red and white spring dress – and limited my jewelry to tiny post earrings and a watch. My hair was in a sophisticated updo – appropriate for a high power business meeting.

My coat and purse (with iPad and iPhone) were going through X-Ray when I stepped into the scanner and put my hands over my head.

I stepped out, grabbed my bag and turned to leave when I was stopped by a female TSA agent who told me she had to “pat down my (hair) bun”. I was stunned!

Her supervisor agreed the agent had to change her gloves but supported her assertion that my hair bun could contain some dangerous weapon!

She didn’t pat, instead she rummaged. Her gloved hands drove through my whole hairdo. Hairpins went flying.

Thank God I was dropped off at the airport at 6:50 AM for a 7:55 AM flight. After leaving security, I had to buy a can of hair spray, go to the ladies’ room, take my hair completely down and redo the updo before proceeding to the gate.

From Los Angeles in the afternoon, the very same hairdo caught nary a glance from TSA.

The Truly Dangerous Ponytail

As my mother observed when I was a child, I never made the same mistake twice.

On Friday I arrived at the airport for a flight to Las Vegas — where I was attending a weekend conference — with my hair in a ponytail.

Bags checked, I sailed right through San Jose TSA security.

Then last night returning – after spending Monday on a tour of Death Valley – tanned and wind-blown I was stopped after the scanner.

You guessed it. No, the TSA agent didn’t need to change her gloves – she just wanted to “look at my pony tail”! As soon as I turned around she had her dirty gloves all over my head.

TSA Fears Blond and Curly

I was still steaming when I Googled “TSA Hair” and found the cause of my harassment.

The American Civil Liberties Union (ACLU) successfully sued the TSA for its attention to women of color with “afro” hairdos; the TSA asserted weapons could be hidden in their hair.

It was unfair, they charged, that other women (i.e. white women) with buns and ponytails were not hand searched.

The TSA signed a consent decree in late 2015.

The logical resolution would be to upgrade TSA’s screening technology.

If any CT or MRI medical scan can penetrate a hospital gown and skin to expose our musculature, bones, and internal organs – surely the TSA can procure scanners that penetrate human hair to the scalp!

Rather than improving their screening techniques – i.e. scanner abilities – the TSA widened its net to include white women.

I am in a quandary. My fine textured hair is always done in some kind of bun or a ponytail.

Is it reasonable that the TSA compel me to submit to an invasive hair “strip search” or cut my hair super short just to board an airplane?

How does the TSA treat a woman in a hijab or a man in a turban?

What if a woman is wearing a wig?

Security Begins with Consistency

TSA publishes regulations on size and quantity of liquid containers, jackets, shoes and so forth.

They must similarly publish rules to guide women on how to style their hair if that is now a criterion for passing TSA security.

Similarly they must establish standards of sanitation that travelers can be assured will be followed by TSA agents.

There are two reasons why I am not waiting with bated breath for these new regulations: ineptitude and political correctness.

Ineptitude – why was the ability to see scalp through hair not specified when scanners were procured?

Political correctness – consent decree signed by unelected, unaccountable, anonymous, unionized, unimaginative and arrogant bureaucrats.

In the meantime, I will be making an example of the TSA by removing my pony tail scrunch or bun hair clip and letting my hair fly before entering the scanner – sure to prompt questions from my fellow passengers.

TSA policy is NOT making us safer – just more cynical.

Department of Veterans Affairs

What You Should Learn From the Veterans Administration Scandal

A few years ago a woman sat down next to me in the departure lounge at Reagan National Airport and commented on the weather. Our flight had been delayed. We were stuck for at least another hour. To pass the time we struck up a conversation.

I introduced myself as a tech industry executive who had made an unsuccessful run for Congress on a platform advocating a simpler and more efficient government. Anne said she was a retired military officer who had joined General Shinseki’s staff at the Veterans Administration to do her part to reshape government to address the complex challenges of the 21st Century.

For the next hour Anne described the obstacles that had to be cleared to remove the most blatantly incompetent VA staff member.

Her narrative could be inspiration for a Seth MacFarlane comedy featuring Whoopi Goldberg and Dolly Parton playing the fossilized bureaucrats and Tina Fey the former officer – except that there’s no happy ending.

Long Story Short: Outdated Record Keeping Is Bad For Business

I’d had some VA experience of my own. My team evaluated and recommended rejection of a proposal from SAIC to Kaiser to design a second generation Electronic Health Record (EHR) based on the VA’s VistA system. SAIC was and remains the VistA prime contractor.

After 35 years and annual information systems budgets in the billions of dollars, VistA continues to be a number of disconnected electronic note pads dependent on people walking printed reports from one computer station to another – what we call “a system-on-legs”.

No audit trail – no accountability.

This is business as usual for a government department still organized to respond to needs of World War II veterans – stoically resistant to reform that addresses 21st century reality.

Resisting Even Common Sense Accountability

Business as usual, that is, until a Veterans Administration primary care doctor in Phoenix retired. He couldn’t reconcile his duty to his patients with VA policies. His phone call to CNN triggered a scandal now splashed across the nation’s news media.

Is it possible that the combination of bureaucracy and antiquated systems caused the unnecessary deaths of 40 veterans? Congress and the White House exclaim their outrage – if only we had known – we “just read it in the newspaper”.

VA staffers fall back on their standard excuse – doubling our budget is still not enough money.

We’ve Heard It All Before

The American people are very familiar with this pattern of government behavior. A scandal erupts. The denials, followed by the excuses, the hasty investigation, the Congressional hearings, the sacrificial resignation and some symbolic action by Congress to treat a single symptom instead of understanding or attacking the underlying cause.

Think intractable Medicare Fraud. Think Obamacare’s $1 Billion website. Think FEMA’s response to Hurricane Katrina.

President Obama and his three predecessors all came to Washington proclaiming their determination to make the Federal Government “work”. Clearly they’ve failed.

Where are the “tiger teams” President Obama promised in 2009? Where are the teams of “experts” empowered to modernize and simplify, to integrate the activities of separate government agencies – to improve service at a lower cost to taxpayers?

Knee Jerk Reaction both Predictable and Pointless

The VA Scandal is just the latest example of government bungling driven by politics.

It’s predictable – Congress fires first and aims the gun second.

  • Predictable: the Cabinet Secretary resisted and then succumbed – to resignation.
  • Predictable: Congress is rushing out legislation to make it a tiny bit easier to retire or fire fossilized bureaucrats at the VA, only.
  • Predictable: Congress is urgently calling for some veterans to get primary care outside the VA system in limited circumstances.


Just as predictably, none of these steps will make the slightest dent in the intractable federal bureaucracy or streamline government. It’s an axiom of good management – more money, more people, the same antiquated processes and systems just makes the problems more visible and more acute.

Why Not Solve the Underlying Problem Instead?

Congress and the Administration resisted the urge to quiet the scandal and fix the problem. It’s time to right size and reform the VA!

The underlying issues – bureaucracy and antiquated systems – are common across the major agencies of the Federal Government.

The specific issues at Veterans Administration boil down to one simple fact: The VA duplicates services other government departments provide more efficiently to the general population!

I have many friends who are Vietnam era and Afghanistan/Iraq veterans. To a man they opt for Medicare or corporate health insurance benefits rather than the VA for their regular (non-combat injury) medical care – faster, more convenient, better quality – they believe.

Congress should enroll eligible veterans in Medicare or Obamacare for all non-combat related veteran health care and focus the VA on its core mission – caring for our wounded warriors.

Photo Credit: Karen Bleier/AFP/Getty Images

  • It is up to YOU

    Get Involved

    In the coming weeks, Reimagineamerica.org will do what our Presidential Candidates and other politicians are not - throw out some positive and plausible ideas to "right the ship of state".

    Ideas you can ask candidates about during the Fall Campaign.

ACA Website

ACA Exchange = Shiny New Car Paint But There’s No Engine

The mainstream media is still reporting the Affordable Health Care (ACA) Exchange Website is not working well – when it works at all. Well, they’ve got it wrong. It’s not the website that isn’t working. It’s the very complicated software environment behind the website that’s dysfunctional. The website does not work because a significant portion of that software environment is not yet built or even designed – end to end.

ACA’s Bright Shiny Paint Job

A website is like the shiny bright paint job on a new car on the showroom floor. The paint attracts the buyer’s attention but it doesn’t drive the car.

What propels the shiny paint job down the road is a chassis, to which a body style can be attached, and a motor. The ACA chassis is the software architecture that is supposed to link the user, the government and insurance company systems together – the same way the chassis connects the axles and steering wheel to the driver.

When Ford or GM or BMW or Tesla, for example, build a new car they start with the chassis. Many body styles (and paint colors) can be built on a single chassis. The weight of the chassis and the associated body style determine the size engine that is needed to make the vehicle efficient and easy to drive.

In software, the chassis is the systems or environmental architecture. The architecture is the super-superstructure to which each of the individual software modules is attached – for example, the module that proves the identity of the applicant. The architecture also establishes the relationship between individual modules. For example, after establishing identity, the next module determines eligibility for subsidies and/or Medicaid. The software modules are grouped together to meet specific user needs – analogous to the auto body style. The modular relationships determine the type (and complexity) of software needed to make the whole thing work – the engine.

Oops, Engine Not Bolted To Chassis

The ACA Exchange website crashed on launch not because the shiny green user portal didn’t work but because the engine – the software – hadn’t been bolted securely to the chassis and fell off as soon as users “stepped on the gas”. In fact, we now know that the chassis has not yet been fully designed and consequently there really are no engine bolts.

For the past week, daily “cover their own backside” (“CYA”) leaks from both administration and Centers for Medicare and Medicaid Services (CMS) officials have brought to light a troubling picture of political expediency, bureaucratic bungling and executive irresponsibility. The self-serving leaks have unveiled the truth.

At least 40 percent of the system has not yet been designed. OMG, beyond the shiny green paint – there isn’t even a complete design of the car yet, and White House officials knew it. The chassis is nothing more than a partial Plaster of Paris model – certainly not sturdy enough for any road test.

In the automobile design process there actually is a Plaster of Paris model of a proposed car. It is used by car manufacturers to secure bids from tool and die makers and other suppliers so that they can determine, at various points in the design process, the costs and challenges associated with the planned vehicle. It’s no different in the procurement of software (purchased systems) or software development.

If the Plaster of Paris model is incomplete, the tool and die maker can only tell the car manufacturer the hourly cost of labor and the cost of a ton of steel, not the wholesale cost of the car tooling. Similarly, in software development if the first task for the vendor will be to define the system, their bid must be limited to an hourly billing rate plus a specific percentage of that rate to cover miscellaneous development expenses.

Until the system has actually been defined, there can be no plan to develop it. No plan means no budget and no budget means no controls. That’s a software contract every vendor dreams of and is every client’s worst and unending nightmare.

ACA is a Shiny Green Edsel

An estimated $600 million has been spent on the ACA Exchange to date. There’s still no end-to-end system designed or built. Absent strong executive guidance, a detailed plan-to-complete and seasoned management, the ACA Exchange is a shiny green Edsel destined for the junk yard of failed government information technology projects. Except this time, it could take a significant part of the US economy along for the ride!!

As taxpayers, we must insist that Congress freeze spending on the ACA Exchange, including so-called “fixes”, at least until an end-to-end design is complete, a new management and oversight team has been put in place, capable external contractors hired and zero-cost-overrun development and rollout milestones established. If you agree – call, write or forward this blog to your representative along with your own comments.

Photo Credit: Joe Raedle/Getty Images
