Several governments including the United States recognize the criticality of protecting critical infrastructure as a national security priority. But there is little headway in determining what, if any, operations against critical infrastructure are acceptable. Without such consensus, nation states are left to their own devices, opting to use sanctions or retaliatory cyber strikes to register their complaints. These are poor options, as lack of setting such redlines and having governments sign on to them risks a cyber incident being misinterpreted and misunderstood, and thereby, increasing the chance for state-on-state escalation via disproportionate retaliation.
Ben Ford is the founder of Commando Development, a firm which leverages his deep background and experience in enterprise IT as well as his years in service as a Royal Marine to the benefit of technology teams in startups and large enterprises.
In this OODAcast we discuss Ben’s views on the history of Commando’s, from the experiences that inspired Winston Churchill prior to his forming then in World War II up to today, capturing a surprising number of lessons for business and IT leaders today.
One of the critical factors which needs to be evaluated in any technical due diligence is the concept of Technology Debt. This report provides insights into technology debt from the perspective of an enterprise CTO turned due diligence professional. These lessons can help companies preparing for a future transaction to better position themselves for optimal outcomes. These lessons can also assist private equity and other investors in thinking through aspects of technology risk and identify areas requiring additional focus prior to a transaction.
In early April 2021, the U.S. District Court for the Southern District of Texas granted the Department of Justice the authority to disrupt the exploitation of Microsoft Exchange server vulnerabilities. This authority empowered the Federal Bureau of Investigation (FBI) to “hack” into private sector computers without having to notify those organizations. The intent was to protect infected systems by identifying malicious code designed to take control of the victimized computers.
OODA CEO Matt Devost has a track record of executing on innovation via entrepreneurship. You may also know him as the Co-Host of the OODAcast or perhaps through his role as a technologist and international security expert. He has extensive past performance in cybersecurity, counterterrorism, critical infrastructure protection, intelligence, and risk management issues.
April OODA Member Monthly Meeting Generates Unique Insights Into Issues Associated With The Rise of China
The business environment in China has changed over the last year. Changes in China’s behaviors include new approaches to diplomacy, new aggressive moves by the Chinese military, new compliance requirements for companies seeking to do business with China, and increased punishment of corporations that are seen to be behaving in ways not supportive of China’s strategic objectives. Cyber threats emanating from China have also continued to evolve, with criminal groups and national level intelligence agencies all leveraging increasing capabilities to gain unauthorized access to data meant to be protected. Meanwhile, many legal, but unfair trading practices are contributing to the rapid rise of China’s economic power and shifting global markets.
Beijing appears to be engaging in political warfare where it is attempting to fester animosity between foreign governments that show favor to Taiwan, a threat to the long-standing policy of “One Country, Two Systems” with regard to the island. In a recent instance, a fake announcement appeared to be from Taiwan’s Presidential Office on Facebook that asserted that the Taiwanese government intended to accept contaminated wastewater from a Japanese nuclear power plant. A second incident occurred in December 2020 when Taiwanese authorities investigated two Taiwanese with ties to Chinese mainland spreading a similar fake Presidential Office announcement that alleged U.S. and Taiwanese in involvement in protests in Thailand.
Max de Groen is a managing director at Bain Capital Private Equity (one of the world’s leading PE firms with over $130 billion of assets under management), where he focuses on investments in infrastructure, cybersecurity, and application software as well as internet and digital media. This means is is well positioned to help us understand more about the future of technology enabled businesses.
In a new alert, the Department of Homeland Security is warning that Domestic Violent Extremists and Foreign Terrorist Organizations have bee using TikTok to recruit, promote violence, and disseminate tactical guidance for use in various terrorist and criminal activities. The alert highlights several instances of TikTok being used in this manner and how these entities are avoiding detection and termination of their accounts.
On 15 April the Biden Administration formally attributed the Solar Winds attacks to Russia’s Foreign Intelligence Service, the SVR. Soon thereafter they issued several directives implementing sanctions against Russia and some Russian related business leaders. The fall out from these actions is still underway and we will continue to track and assess how these matters could impact business and government strategies and decision-making. This post provides context important in assessing why any cyber retaliation needs to be both quick and meaningful.