McAfee’s John Fokker says there are many more similarities between the military and cybersecurity than you might expect.
A career in cybersecurity was probably the last thing on John Fokker’s mind as he was speeding across the Indian Ocean with his fellow Marines towards a ship crewed by pirates. But as it turns out, there are a surprising number of similarities between the two disciplines. Now Head of Cyber Investigations at security firm McAfee, the combat Fokker finds himself in today is more virtual than physical, but high-stakes nonetheless. In a world in which cybercrime is increasingly lucrative and ever more sophisticated, attackers and defenders are now engaged in perpetual conflict, each trying to outwit and outmaneuver the other. While he acknowledges his route into cybersecurity was an atypical one, Fokker told TechRadar Pro his experience in the military actually provided him with the perfect grounding. “When you take away all the technical elements, ransomware is very much like a hostage negotiation situation. Especially when you look at the emotional state of threat actors and victims,” he said. “Ransomware is one of the few cyberattacks where you as the victim interact with the cybercriminal. From a psychological point of view, it’s very interesting; everybody wants something from someone else.” A job with the Royal Netherlands Marine Corps was, for Fokker, an antidote to the drudgery of the office job he took up after graduating with a degree in computer science. It wasn’t about the combat necessarily, more about doing something different. He spent eight years as a Marine in total, the last five of which with the Special Operations Branch working counterterrorism, counterpiracy and hostage rescue, which took him across the globe. In North Afghanistan, where he was stationed for a time, Fokker was tasked with provincial reconstruction, which involved helping local civilians build infrastructure such as schools and water pits, and keeping the engineers safe in the process. At another posting in Somalia, he was part of a team based on a Navy ship, whose job was to monitor pirate activity in the area. “We did a lot of close range reconnaissance at night to see where the main camps were and who was ready to sail out; it was a lot of intelligence gathering,” he said. “If there was any indication a pirate ship was about to sail out or was operating at sea, or if there was a hostage situation, we would intervene.” As glamorous as this might sound, Fokker said he eventually tired of the lifestyle, which kept him away from home for all but a few weeks each year. He chose to pass up a role as a ranking officer in the Marine Corp in favor of a different flavor of combat. “I saw the nature of what was going on in the world shift,” he told us. “Even though I wasn’t actively in the cybersecurity realm, I could see that this was the future.” Although Fokker had set his sights on a job in cybersecurity, he didn’t transition immediately to civilian life, instead taking on a role as a digital investigations expert with the Dutch national police. As part of the organized crime team, he went after drug kingpins, assassins and other criminals of a similar class, tapping their phones and analyzing the recordings. On occasion, though, he found himself lurking in the undergrowth in a ghillie suit aiming to “sniff their Wi-Fi”, proving that cyber investigation doesn’t all take place behind a desk.
