20 Jan 2021

Meet the New Boss: Context on Cybersecurity and US Federal Leadership

Noted cybersecurity expert Mike Tanji provides context on what to expect from the cybersecurity actions and policies of the Biden Administration. His insights are based on thirty years in the field. He cautions us all to maintain a level of hope, but to not get too worked up about transitions and talk of change. Everyone is all talk until they sit down in the chair and begin to understand exactly what it takes to govern. That said, there are changes that can be expected. Here are a few signals to watch for to see if they will stick.

Read More
26 Sep 2019

Cyber Threat Analysis Report Volume 1 Edition 11

OODA’s Cyber Threat Analysis Report provides the “so what” behind the news and events we track on a daily basis. When it comes to putting cyber news in context, there really is no substitute for experience. The context in this report is provided by one of the most highly regarded cybersecurity practitioners and pioneer of cyber threat intelligence (and OODA Network expert) Mike Tanji. In this edition, Mike brings context into the continual unrealistic hope that one day technology can replace wetware in cybersecurity, insights into breakability, what gets measured in our line of work, and much much more.

Read More
12 Sep 2019

Cyber Threat Analysis Report Vol 1, Edition 10

OODA’s Cyber Threat Analysis Report provides the “so what” behind the news and events we track on a daily basis. When it comes to putting cyber news in context, there really is no substitute for experience. The context in this report is provided by one of the most highly regarded cybersecurity practitioners and pioneer of cyber threat intelligence (and OODA Network expert) Mike Tanji. In this edition, Mike brings context into the ransomware attacks against cities, the changing situation regarding best practices in perimeter defense, stunt hacking and many other hot topics you will want to track.

Read More
30 Aug 2019

Cyber Threat Analysis Report Vol 1, Edition 9

OODA’s Cyber Threat Analysis Report provides the “so what” behind the news and events we track on a daily basis. When it comes to putting cyber news in context, there really is no substitute for experience. The context in this report is provided by one of the most highly regarded cybersecurity practitioners and pioneer of cyber threat intelligence (and OODA Network expert) Mike Tanji. In this edition, Mike brings context into the ransomware attacks against cities, the changing situation regarding best practices in perimeter defense, stunt hacking and many other hot topics you will want to track.

Read More
23 Aug 2019

The (Dis)illusion of Control: Context on the concept of increasing cost to adversaries

Conventional wisdom is telling us that “assumption of breach” is the new normal. Some well-respected names in computer security would have you believe that the appropriate response to such conditions is to increase the cost to the attackers. If you’re too expensive to breach – so the logic goes – the bad guys will go looking for someone else. Maybe someday, when everyone makes hacking too expensive, it will stop.

Read More
23 Aug 2019

Cyber War: The Fastest Way to Improve Cybersecurity

For all the benefits IT in general and the Internet specifically have given us, it has also introduced significant risks to our well-being and way of life. Yet cybersecurity is still not a priority for a majority of people and organizations. No amount of warnings about the risks associated with poor cybersecurity have helped drive significant change. Neither have real-world incidents that get worse and worse every year.

Read More
16 Aug 2019

The Global Ungoverned Area

There are places on this planet where good, civilized people simply do not voluntarily go, or willingly stay. What elected governments do in safer and more developed parts of the world are carried out in these areas by despots and militias, often at terrible cost to those who have nowhere else to go and no means to go if they did.

Read More
15 Aug 2019

Cyber Threat Analysis Report Vol 1, Edition 9

OODA’s Cyber Threat Analysis Report provides the “so what” behind the news and events we track on a daily basis. When it comes to putting cyber news in context, there really is no substitute for experience. The context in this report is provided by one of the most highly regarded

Read More
09 Aug 2019

The Wolf is Here: Cyber threats that have been long predicted are coming true on a daily basis

For decades we’ve heard that iCalamity is right around the corner. For decades we’ve largely ignored pleas to try and address computer security issues when they are relatively cheap and easy, before they got too large and complicated to do at all. We have been living a fairy tale life, and absent bold action and an emphasis on resiliency, it only gets grim(m)er going forward.

Read More
02 Aug 2019

Good Cybersecurity is Not Glamorous

One of the more common reasons why most organizations push back on spending for cyber security is the lack of a “return on investment.” All that fancy, shiny cyber-y stuff costs a lot of money without providing a clear benefit that is commensurate with the expenditure. Firewalls are expensive. IDS/IPS are expensive. SIEMs are expensive. Talent to run it all (if you can even find it) is expensive.

Read More