OODA CTO Bob Gourley was joined by Tony Cole of Attivo Networks in an interactive discussion on the state of cybersecurity, with a focus on how deception technologies can be leveraged by organizations of all sizes to mitigate risks.
Tony is an icon in the cybersecurity community. He is known both as a practitioner and a thought leader helping businesses and governments understand their risks and prioritize mitigation actions. He is a member of the OODA Network (see our member interview with Tony here ).
As CTO of Attivo Networks he has lead the strategy and vision for the corporation across products, marketing, sales and the development of the Attivo ThreatDefend Deception and Response platform. Attivo Networks is the leader in the cyber deception space and has already shown an ability to change the game on the modern-day human attacker.
This interview examines:
- The evolution of the early cyber “honey pots” designed to trap hackers into modern, scalable, hard to detect deception technologies
- How adversaries have changed over the last two decades and what it means for the future
- The despicable behavior of cyber adversaries during the pandemic and what it means for cyber attacks after the pandemic
- The need for cybersecurity solutions to work well together
- How executives in business can learn of the most relevant technologies for them without having to meet with thousands of vendors
- Attivo Networks: Deception technology provides a threat defense of traps and lures designed to slow down and deceive attackers into revealing themselves and their tools.
- Deception Needs to be an Essential Element of your Cybersecurity Strategy: Here’s why one of the most compelling emerging use cases for increasing attacker costs is through the use of deception.
- OODA COVID-19 Sense-making: A dynamic resource for OODA Network members looking for Coronavirus/COVID-19 information to drive their decision-making process. We’ll update it with new links as we encounter them. This is not meant to be a comprehensive list, but rather a compilation of the most useful resources.
- The 2020 OODA Cybersecurity Watch List: list can serve multiple stakeholders. Investors can find firms that have demonstrated good product-market fit and are good candidates for follow-on funding. CISOs can find companies that have demonstrated real disruptive technology potential and at least enough traction to prove they are worth considering.
- OODAcast on YouTube: OODA’s YouTube Channel
- OODAcast Podcast: For audio to go
Organizations in competitive environments should continually look for ways to gain advantage over their competitors. The ability of a business to learn and translate that learning into action, at speeds faster than others, is one of the most important competitive advantages you can have. This fact of business life is why the model of success in Air to Air combat articulated by former Air Force fighter pilot John Boyd, the Observe – Orient – Decide – Act (OODA) decision loop, is so relevant in business decision-making today.
In this business model, decisions are based on observations of dynamic situations tempered with business context to drive decisions and actions. These actions should change the situation meaning new observations and new decisions and actions will follow. This all underscores the need for a good corporate intelligence program. See: A Practitioner’s View of Corporate Intelligence
This post dives into actionable recommendation on ways to optimize a corporate intelligence effort. It is based on a career serving large scale analytical efforts in the US Intelligence Community and in applying principles of intelligence in corporate America. See: Optimizing Corporate IntelligenceThe study of mental models can improve your ability to make decisions and improve business outcomes. This post reviews the mental models we recommend all business and government decision makers master, especially those who must succeed in competitive environments. See: Mental Models for Leadership In The Modern Age
Cognitive Bias and the errors in judgement they produce are seen in every aspect of human decision-making, including in the business world. Companies that have a better understanding of these cognitive biases can optimize decision making at all levels of the organization, leading to better performance in the market. Companies that ignore the impact these biases have on corporate decision-making put themselves at unnecessary risk. This post by OODA Co-Founder Bob Gourley provides personal insights into key biases as well as mitigation strategies you can put in place right now. See: An Executive’s Guide To Cognitive Bias in Decision Making
We strongly encourage every company, large or small, to set aside dedicated time to focus on ways to improve your ability to understand the nature of the significantly changed risk environment we are all operating in today, and then assess how your organizational thinking should change. As an aid to assessing your corporate sensemaking abilities, this post summarizes OODA’s research and analysis into optimizing corporate intelligence for the modern age. See: OODA On Corporate Intelligence In The New Age
This post discusses standards in intelligence, a topic that can improve the quality of all corporate intelligence efforts and do so while reducing ambiguity in the information used to drive decisions and enhancing the ability of corporations to defend their most critical information. See: Useful Standards For Corporate Intelligence
Broadly speaking, a weapon is anything that provides an advantage over an adversary. In this context, data is, and always has been, a weapon. This post, part of our Intelligent Enterprise series, focuses on how to take more proactive action in use of data as a weapon. See: Data is a Weapon
Fine Tuning Your Falsehood Detector: Time to update the models you use to screen for deception, dishonesty, corruption, fraud and falsity
The best business leaders are good at spotting falsehoods. Some joke and say the have a “bullshit detector”, but that humorous description does not do service to the way great leaders detect falsehoods. Bullshit is easy to detect. You see it and smell it and if you step in it it is your own fault. In the modern world falsehoods are far more nuanced. Now more than ever, business and government leaders need to ensure their mental models for detecting falsehood are operating in peak condition. For more see: Fine Tuning Your Falsehood Detector: Time to update the models you use to screen for deception, dishonesty, corruption, fraud and falsity