In the cyber defense community, we talk about a wide-range of risk mitigating technologies, strategies, and activities. We talk about attacker deterrence and increasing costs for the attacker. We invest in endpoint agents, threat intelligence, DLM, and other mitigating technologies on a daily basis.
Here’s why one of the most compelling emerging use cases for increasing attacker costs is through the use of deception.
Edward Snowden’s new book is out next Tuesday, but OODA Loop got an advance copy. In the book, Snowden identifies two major catalysts that not only pushed him over the edge, but also informed his strategy for how he leaked the highly classified material. One of them was a complete surprise.
An FBI bulletin provides an overview and detailed recommendations on how cyberattackers are targeting audio/visual systems to compromise corporate networks along with recommendations on how to prevent such attacks.
The newly formed Cybersecurity and Infrastructure Security Agency (CISA)has released a strategic intent document outlining the agencies role in protecting U.S. critical infrastructure and cyberspace. It is important for OODA Network Members to track the emergent roles and responsibilities of this agency as it will be a critical component of cyber and infrastructure security moving forward.
There are literally hundreds of cybersecurity conferences hosted around the world each year and as a result it can be difficult to determine which conferences provided the highest value in the domain.
While each of these events bring community value in their own unique way, Def Con is the most valuable event of the year for the community. Here’s why.
In 1999 a book called “Unrestricted Warfare” emerged from China and over the past two decades it has served as a good guide for how China views conflict and in particular, cyber and economic conflicts. Businesses that understood Unrestricted Warfare were better enabled to defend their networks and market share.
Twenty years later, the U.S. Department of Defense has released a Joint Staff originated report highlighting the next generation of Chinese doctrine and their concepts of “system attack” and “destruction warfare”. Here is what you need to know about it.
In Part Two of this series on Cyber Sensemaking, OODA CEO Matt Devost steps through the top management lessons learned and actions that can be taking to drive your cyber risk management program.
Distilling over 25 years working in the fields of cybersecurity and cyberconflict across a multitude of domains including government, corporate, think tank, and academic this article serves as a foundational distillation of observations that can be applied in any organization. In Part Two of the series, we will look at lessons learned and actions that can be executed by management teams to help manage cyber risk.
I’ve just finished reading an advance copy of Joseph Menn’s new book Cult of the Dead Cow: How the Original Hacking Supergroup Might Just Save the World (Amazon Link) and can recommend highly for OODA Loop members. As the importance of hacker history goes, this was a book that was
The President’s Commission on Critical Infrastructure Protection is often cited as one of the most important initiatives from the 1990s that advanced our cybersecurity programs in the U.S. The commission, which looked at cyber threats to critical infrastructure, created a lasting critical infrastructure framework that is still in use today.