03 Sep 2019

America’s Most Critical Infrastructure is also Our Most Neglected Infrastructure

This special report is the first of a two-part series designed to both inform OODA members on the nature of challenges to our nation’s most critical infrastructure and provide recommendations for action that can mitigate these challenges. Our thesis is that America’s most critical infrastructure is our cognitive infrastructure. This is also the most attacked and least defended. In short, our most important critical infrastructure is also our most neglected infrastructure.

Read More
30 Aug 2019

Cyber Threat Analysis Report Vol 1, Edition 9

OODA’s Cyber Threat Analysis Report provides the “so what” behind the news and events we track on a daily basis. When it comes to putting cyber news in context, there really is no substitute for experience. The context in this report is provided by one of the most highly regarded cybersecurity practitioners and pioneer of cyber threat intelligence (and OODA Network expert) Mike Tanji. In this edition, Mike brings context into the ransomware attacks against cities, the changing situation regarding best practices in perimeter defense, stunt hacking and many other hot topics you will want to track.

Read More
30 Aug 2019

OODA Network Interview: Jason Zann

Our latest OODA Network interview with Jason Zann from RiskIQ. Jason’s career path is a bit non-traditional and certainly didn’t follow a prescribed path.  Read about how his ping-pong-ball approach has made allowed him to become a visionary in the cybersecurity industry and why RiskIQ thinks more transparency will take some of the bite out of the cyber threat.

Read More
30 Aug 2019

The DoDIIS Conference: Insights into how IT supports some of the most critical missions in the nation

With this post we provide some insights for OODA members from the 2-5 August 2019 DoDIIS conference. We have aimed this overview for three broad types of decision-makers: 1) The startup tech executive seeking to better serve government missions, 2) Business leaders seeking insights into global risks and mitigation efforts relevant to your organization, and 3) The government leader seeking independent views that could impact your approach to enterprise technology.

Read More
28 Aug 2019

The 5G Supply Chain Blind Spot: A more concerted effort to assess risk from the services supplied by our adversaries is required

Winning the worldwide “race to 5G” is a top priority for the United States. As the global competition unfolds, we have continued to hear about the technological and economic benefits associated with leadership in the wireless domain. Earlier this year, CTIA, a trade association representing the wireless communications industry, released a report that said, “America’s telecommunications operators plan to invest $275 billion to deploy 5G networks, creating 3 million new jobs and adding $500 billion to our economy.” Even though the benefits are undeniable, the U.S. has not relented on the critical security risks that must also be accounted for prior to large-scale nationwide investments in 5G infrastructure.

Read More
26 Aug 2019

Here is How the FBI Wants You to Protect Your Audio/Visual Devices from Cyberattack

An FBI bulletin provides an overview and detailed recommendations on how cyberattackers are targeting audio/visual systems to compromise corporate networks along with recommendations on how to prevent such attacks.

Read More
26 Aug 2019

CISA Outlines Agency’s Strategic Intent

The newly formed Cybersecurity and Infrastructure Security Agency (CISA)has released a strategic intent document outlining the agencies role in protecting U.S. critical infrastructure and cyberspace.  It is important for OODA Network Members to track the emergent roles and responsibilities of this agency as it will be a critical component of cyber and infrastructure security moving forward. 

Read More
23 Aug 2019

The (Dis)illusion of Control: Context on the concept of increasing cost to adversaries

Conventional wisdom is telling us that “assumption of breach” is the new normal. Some well-respected names in computer security would have you believe that the appropriate response to such conditions is to increase the cost to the attackers. If you’re too expensive to breach – so the logic goes – the bad guys will go looking for someone else. Maybe someday, when everyone makes hacking too expensive, it will stop.

Read More
23 Aug 2019

Cyber War: The Fastest Way to Improve Cybersecurity

For all the benefits IT in general and the Internet specifically have given us, it has also introduced significant risks to our well-being and way of life. Yet cybersecurity is still not a priority for a majority of people and organizations. No amount of warnings about the risks associated with poor cybersecurity have helped drive significant change. Neither have real-world incidents that get worse and worse every year.

Read More
19 Aug 2019

OODA Network Interview: Andy Lustig

This post is based on an interview with Andy Lustig at Cooley. It is part of our series of interviews of OODA Network members. Our objective with these interviews is to provide actionable information of interest to the community, including insights that can help with your own career progression.

Read More