The Federal Trade Commission (FTC) has published expectations for corporate board-level oversight of cybersecurity. They advise every member of every board: “Don’t underestimate your role in data security oversight.” This post provides insights for OODA members on what this new guidance may mean for the future of board operations.
The ransomware attack against Colonial Pipeline revealed how disruptive this malware can be when it impacts civilian critical infrastructure. The successful shutdown of 5,500 miles of pipeline created concern among gas-strapped populations and a government wondering if this attack was the work of cyber criminals or a foreign adversary looking for retribution.
Jeremy King is a trusted advisor to corporate boards and some of the nation’s most elite business leaders. He is also a serial connector helping move business information on opportunities at the intersection of talent, capital, entrepreneurs and business development. Jeremy is an entrepreneur himself, creating successful executive search firms and also a game-changing non-profit we will talk a bit about later called MissionLink.
Several governments, including the United States, recognize the criticality of protecting critical infrastructure as a national security priority. But there is little headway in determining what, if any, operations against critical infrastructure are acceptable. Without such consensus, nation states are left to their own devices, opting to use sanctions or retaliatory cyber strikes to register their complaints. These are poor options: failing to set such redlines and to have governments sign on to them risks a cyber incident being misinterpreted and misunderstood, thereby increasing the chance of state-on-state escalation via disproportionate retaliation.
Ben Ford is the founder of Commando Development, a firm which leverages his deep background and experience in enterprise IT as well as his years in service as a Royal Marine to the benefit of technology teams in startups and large enterprises.
In this OODAcast we discuss Ben’s views on the history of Commandos, from the experiences that inspired Winston Churchill prior to his forming them in World War II up to the present, capturing a surprising number of lessons for business and IT leaders today.
One of the critical factors which needs to be evaluated in any technical due diligence is the concept of Technology Debt. This report provides insights into technology debt from the perspective of an enterprise CTO turned due diligence professional. These lessons can help companies preparing for a future transaction to better position themselves for optimal outcomes. These lessons can also assist private equity and other investors in thinking through aspects of technology risk and identifying areas requiring additional focus prior to a transaction.
In early April 2021, the U.S. District Court for the Southern District of Texas granted the Department of Justice the authority to disrupt the exploitation of Microsoft Exchange server vulnerabilities. This authority empowered the Federal Bureau of Investigation (FBI) to “hack” into private sector computers without having to notify those organizations. The intent was to protect infected systems by identifying malicious code designed to take control of the victimized computers.
OODA CEO Matt Devost has a track record of executing on innovation via entrepreneurship. You may also know him as the Co-Host of the OODAcast or perhaps through his role as a technologist and international security expert. He has extensive past performance in cybersecurity, counterterrorism, critical infrastructure protection, intelligence, and risk management issues.
April OODA Member Monthly Meeting Generates Unique Insights Into Issues Associated With The Rise of China
The business environment in China has changed over the last year. Changes in China’s behaviors include new approaches to diplomacy, new aggressive moves by the Chinese military, new compliance requirements for companies seeking to do business with China, and increased punishment of corporations that are seen to be behaving in ways not supportive of China’s strategic objectives. Cyber threats emanating from China have also continued to evolve, with criminal groups and national-level intelligence agencies all leveraging increasing capabilities to gain unauthorized access to data meant to be protected. Meanwhile, many legal but unfair trading practices are contributing to the rapid rise of China’s economic power and shifting global markets.
Beijing appears to be engaging in political warfare in which it is attempting to foment animosity between foreign governments that show favor to Taiwan, a threat to the long-standing policy of “One Country, Two Systems” with regard to the island. In a recent instance, a fake announcement that appeared to be from Taiwan’s Presidential Office was posted on Facebook, asserting that the Taiwanese government intended to accept contaminated wastewater from a Japanese nuclear power plant. A second incident occurred in December 2020, when Taiwanese authorities investigated two Taiwanese with ties to the Chinese mainland for spreading a similar fake Presidential Office announcement that alleged U.S. and Taiwanese involvement in protests in Thailand.