We continue our effort to underscore certain patterns and themes found throughout the OODAcast library of close to 100 conversations with leaders and decision-makers, on topics such as leadership, empowering a team, clear decision-making while operating in a low information environment, the qualities and best practices of a true leader, the future of intelligence, the future of cyber threats, the cybersecurity marketplace, innovation, exponential technologies, and strategic action.

In October 2020, OODA CTO Bob Gourley had a conversation with Paul Kurtz – an internationally recognized expert on cybersecurity and the Co-Founder and Chairman of TruSTAR.  Paul began working on cybersecurity at the White House in the late 1990s. He served in senior positions relating to critical infrastructure and counterterrorism on the White House’s National Security and Homeland Security Councils under Presidents Clinton and Bush. In the same month, Bob spoke with Mark Weatherford.  Mark is an icon in the cybersecurity field. He is widely known as a mission-focused leader who builds teams and gets hard things done. His career included success in the US Navy as a cryptologist, leadership and management in a major defense integrator, CISO for two states (Colorado and California), CISO of the nation’s regulatory organization for our power grid (the NERC), head of security efforts for the newly formed DHS, and operational CISO roles and advisory board positions for several US corporations.

Last year, OODA was proud to sponsor the first-ever U.S. Cyber Games.  The inaugural US Cyber Games™ was created through the support of the National Initiative for Cybersecurity Education (NICE) program at the National Institute of Standards and Technology (NIST). But we are very proud to say the real driving force behind these games is a long-term friend of OODA and network member Jessica Gulick of Katzcy. It is produced by PlayCyber.  The Games brought together elite cyber athletes, coaches, and industry leaders to help scout, train, and recognize a US Cyber Team to represent the United States at the International Cyber Security Challenge. Oce again, OODA is sponsoring this premier cybersecurity competition.  The Kick-Off event for Season II of the US Cyber Games is today (Thursday, June 30th).

Register for the event here.

Russia appears to have pursued a cyber playbook that has been written about by many cyber warfare authors with respect to using cyber attacks at the onset of engagement and against what targets.  As the new Microsoft report relays, Russia conducted extensive cyber espionage against key Ukrainian targets prior to the invasion.  Per Microsoft’s findings, Russia espionage and network penetration has been conducted against 128 organizations in 42 countries allied to Ukraine since the start of the war.  Russian cyber actors have been approximately 29% successful, a quarter of which has led to the exfiltration of a target’s data. While the statistic is noteworthy, it doesn’t necessarily codify if this percentage is good (akin to a baseball player’s batting average) or poor and does not take into account if any taken material was critical to Russia’s operational success or not.  Nevertheless, the report does confirm what many cyber warfare followers have long maintained – an adversary conducts cyber espionage for network mapping and intelligence collection before, during, and after a conflict.

The future of Nuclear Energy is not decided yet. With leadership the world may be in for an incredible abundance of nuclear provided electricity providing very economical, stable, safe power and increasingly moving us all to a world of less pollution and more innovation across all industries.  Alternatively, less than optimal leadership could keep the world at a status quo or perhaps even roll back the contributions of nuclear power. This post provides a high level overview of nuclear energy issues and a review of some of the breakthroughs and companies bringing breakthroughs to market in the belief that executives across all industries should be part of the discussion on the right approach for the world moving forward.

Last week, Microsoft released a report with an assessment of the cyber lessons learned in Ukraine since the inception of the conflict.   A collaboration between Microsoft threat intelligence and data science teams, the report’s goals and conclusions are described in an Editor’s Note as “sharpening our understanding of the threat landscape in the ongoing war in Ukraine; A series of lessons and conclusions resulting from the data gathered and analyzed; New information about Russian efforts including an increase in network penetration and espionage activities amongst allied governments, non-profits, and other organizations outside Ukraine; Details about sophisticated and widespread Russian foreign influence operations being used among other things, to undermine Western unity and bolster their war effort; and a call for a coordinated and comprehensive strategy to strengthen collective defenses – a task that will require the private sector, public sector, nonprofits, and civil society to come together.”

This assessment is brilliantly executed and contains actionable recommendations for organizations in any industry vertical concerned with the future cyber threat posed by Russia on a global scale. A synopsis and analysis of the report can be found here.