This week’s OODAcast is with Kim Zetter, an incredibly well respected journalist who has been covering cybersecurity related issues for two decades. Matt Devost talks with Kim about a wide variety of cyber-related issues including a deep dive into Stuxnet and the implications for today’s security environment. Kim also shares details as to how she got into the field and how she developed relationships with the hacker community via her longstanding attendance at Def Con.
Beijing has been engaged in a battle for public opinion for several years, aggressively promoting a positive vision of China to counter criticisms for its involvement in human rights violations, intellectual property theft, currency manipulation, its engagement with Taiwan and the South China Sea disputes, and its suspected involvement in the COVID-19 outbreak. In 2017, senior Party leaders acknowledged that “the main battlefield for public opinion” occurs on the extensive borderless Internet where people receive their news, express their thoughts, and promote and argue their political and ideological viewpoints. Beijing understands how the Internet is essential in disseminating China-friendly narratives, while at the same time deflecting criticisms and reassigning blame. In essence, it is how Beijing seeks to preserve its image while tarnishing those of others.
Game theory, the study of competition and conflict, tells us there are two types of games: Finite Games and Infinite Games. Understanding that cybersecurity, like espionage, is an infinite game, should inform our all our actions in cyberspace. This post provides suggested considerations for businesses, individuals and governments seeking advantage in this infinite game.
Enterprise technologists use the term “Zero Trust” to describe an evolving set of cybersecurity approaches that move defenses from static attempts to block adversaries to more comprehensive measures that improve enterprise performance while improving security. When the approaches of Zero Trust are applied to an enterprise infrastructure and workflows, the cost of security can be better managed and the delivery of functionality to end users increased. Security resources are matched to risk. Functionality, security and productivity all go up.
In this OODAcast we provide insights into Zero Trust architectures from an experienced practitioner, Junaid Islam. Junaid is a senior partner at OODA. He has over 30 years of experience in secure communications and the design and operations of highly functional enterprise architectures. He founded Bivio Networks, maker of the first gigabyte speed general purpose networking device in history, and Vidder, a pioneer in the concept of Software Defined Networking. Vidder was acquired by Verizon to provide Zero Trust capability for their 5G network. Junaid has supported many US national security missions from Operation Desert Shield to investigating state-sponsored cyberattacks. He has also led the development of many network protocols including Multi-Level Precedence and Preemption (MLPP), MPLS priority queuing, Mobile IPv6 for Network Centric Warfare and Software Defined Perimeter for Zero Trust. Recently Junaid developed the first interference-aware routing algorithm for NASA’s upcoming Lunar mission.