Research and Analysis on Defensive Strategies

Already a subscriber? Sign In.

Want our most exclusive content? Subscribers receive:

• Exclusive Content Access: Research and expert driven analysis to inform your decision-making.  Over ten thousand articles on disruptive technologies, cybersecurity, geo-political risk, and national security technology issues available only to subscribers.  Our Daily Global Pulse will let you know what premium content has been recently published as well as hand-curate the top stories of the day with executive level summaries.
• The OODA Network Dispatch: Our weekly newsletter keeps you apprised of emerging trends and upcoming events so you can stay informed and aware of issues that could impact you or your organization.
• Community Engagement: Engage in our dynamic Slack Workspace which serves as a hub for professionals and experts to exchange ideas, strategies, insights, and opportunities.

Most popular

Monthly Subscribe to OODA

$30

per month

• Premium Content
• Slack Community
• Weekly Newsletter
• OODAcon Invite

Subscribe

Most popular

Annual Subscribe to OODA Loop

$300

per month

• Premium Content
• Slack Community
• Weekly Newsletter
• 10% OODAcon Discount

Subscribe

Most popular

Member Apply to Join the OODA Network

$895

per year

• All subscriber Benefits
• Monthly Meetings
• In-person Network Events
• Network Slack Channels
• 50% OODAcon Discount

Apply to Join

OODA Best Practices for Agile Cybersecurity

Members of the OODA expert network continuously track best practices for policy, procedures, technology and governance related to cyber defense.  We work directly defending enterprises in cyber defense and maintain an always up to date list of actions in a form designed to help any organization stay as agile as possible in the face of dynamic adversaries. Read more at the OODA Special Report on Best Practices for Agile Cybersecurity

The New Enterprise Architecture Is Zero Trust

Enterprise technologists use the term “Zero Trust” to describe an evolving set of cybersecurity approaches that move defenses from static attempts to block adversaries to more comprehensive measures that improve enterprise performance while improving security. When the approaches of Zero Trust are applied to an enterprise infrastructure and workflows, the cost of security can be better managed and the delivery of functionality to end users increased. Security resources are matched to risk. Functionality, security and productivity all go up.

Zero Trust Will Yield Zero Results Without A Risk Analysis

Over the past four years there has been an avalanche of new Zero Trust products. However during the same period there has been no measurable reduction in cyber breaches. Zero Trust is a concept where an organization has Zero Trust in a specific individual, supplier or technology that is the source of their cyber risk. One needs to have Zero Trust in something and then act to neutralize that risk. Thus buying a Zero Trust product makes no sense unless it is deployed as a countermeasure to specific cyber risk. Buying products should be the last step taken not the first. To help enterprises benefit from Zero Trust concepts here is a modified OODA loop type process to guide your strategy development and execution.

The False Pundits of Cyber Will Lead Us Astray If We Let Them

They’re not cybersecurity experts, but they did stay at a Holiday Inn Express last night. Because we have no common body of knowledge from which to explore and learn from prior art, you can predict like the seasons when another cohort of professionals from other disciplines will attempt to tell

Want To Reduce Risk? It Is Time To End Cybersecurity Awareness Month

Management guru Peter Drucker said, “what gets measured gets managed.” Which helps to explain why Cybersecurity Awareness Month is such a bad idea.

NIST Cybersecurity Framework Gains Private Sector Traction and Other Noteworthy Cyber Efforts from the Institute

In our recent OODA Loop Stratigame – Scenario Planning for Global Computer Chip Supply Chain Disruption – in all four scenarios we determined that public-private partnership in the cybersecurity marketplace, including the establishment of industry-wide frameworks and standards, will be crucial. Organizations like the National Institute of Standards and Technology (NIST) will figure prominently in such efforts – and that means scanning the horizon for worthwhile government cybersecurity efforts which make sense for your company’s design innovation process, business models, and ideas around value creation and capture. To start, there is plenty of activity over at NIST related to cybersecurity worth a review.

The Executive’s Guide To Mitigating The Ransomware Threat

Cybersecurity and Cyber Incidents: Innovation and Design Lessons from Aviation Safety Models and a Call for a “Cyber NTSB”

In a recent 4-month long workshop, over 70 experts explored the concept of creating a “Cyber NTSB”. This workshop topic is consistent with themes like innovation and design processes for innovation, which cut across much of our recent OODA Loop research and analysis.  It all starts with a design metaphor. This recent workshop used the National Transportation Safety Board as a design analogy/metaphor for a National Cyber Safety Board/National Cyber Security Board (NCSB). Specifically, innovation in “lesson-learning systems” for cybersecurity and cyber incidents – taking design process inspiration from the aviation safety models of the NTSB – was the goal of this “Cyber NTSB” workshop.

From Solar Sunrise to Solar Winds: The Questionable Value of Two Decades of Cybersecurity Advice

While the Ware Report of 1970 codified the foundations of the computer security discipline, it was the President’s Commission on Critical Infrastructure Protection report of 1997 that expanded those requirements into recommendations for both discrete entities as well as the nascent communities that were growing in and around the Internet. Subsequent events that were the result of ignoring that advice in turn led to the creation of more reports, assessments, and studies that reiterate what was said before. If everyone agrees on what we should do, why do we seem incapable of doing it? Alternately, if we are doing what we have been told to do, and have not reduced the risks we face, are we asking people to do the wrong things?  See: From Solar Sunrise to Solar Winds: The Questionable Value of Two Decades of Cybersecurity Advice and At Black Hat Conference 2021, CISA Director Jen Easterly launches CISA JCDC

Meet the New Boss: Context on Cybersecurity and US Federal Leadership

Noted cybersecurity expert Mike Tanji provides context on what to expect from the cybersecurity actions and policies of the Biden Administration. His insights are based on thirty years in the field. He cautions us all to maintain a level of hope, but to not get too worked up about transitions and talk of change. Everyone is all talk until they sit down in the chair and begin to understand exactly what it takes to govern. That said, there are changes that can be expected. Here are a few signals to watch for to see if they will stick.

See: Meet the New Boss: Context on Cybersecurity and US Federal Leadership

Junaid Islam Discusses 5G Security and Functionality at OODAcon

Junaid Islam has 30 years of experience in secure communications. His protocols, algorithms and architectures have been incorporated into a broad range of commercial and national security systems. In the 90s he developed the first implementation of Multi-Level Precedence and Preemption (MLPP) for US Department of Defense C2 applications. He developed the first working Mobile IPv6 client to enable fast hand-off as well as IPv6 address scrambling for high side networks for the DoD’s Netcentric Warfare program. He developed the first network-based Zero Trust Architecture using Software Defined Perimeter (SDP) which was adopted by NIST for their Zero Trust specification 800-207. See: Junaid Islam Discusses 5G Security and Functionality at OODAcon

Seeking Security Alpha

In cybersecurity, it has long been assumed that the attacker has the advantage and that defenders must deploy a disproportionate amount of resources (time, money, etc.) to even try and maintain some parity. In this piece, we’ve conducted interviews with two successful CISOs to provide insight into how they view security alpha issues. Mark Weatherford is a highly experienced and successful CISO who has worked in the public sector at both the state and federal level and also as a CISO for multi-billion dollar commercial organizations. Our Global FS CISO currently works as the Global CISO at one of the largest financial services firms in the world and has 25 years of experience working on cybersecurity and risk management issues.

See: Seeking Security Alpha

Cyber: The Art Of War

Foreign bad actors are conducting a covert cyber war. The pace, frequency, and intensity of cyberattacks are now greater than ever. As the physical realm inevitably merges with the cyber one, forming a new kind of infrastructure, cyberattacks on this infrastructure can have a catastrophic impact on our energy, waste, water, transportation, and telecommunications facilities. Examples include potential attack on infrastructures like distributed control system (DCS) and supervisory control and data acquisition (SCADA) that monitor and control processes and plant with many control loops. Additionally, exploitation of supply chain vulnerabilities can substantially disrupt the way we live, work, and play.

See: Cyber: The Art Of War

What Executives Need To Know About The Report of the Cyberspace Solarium Commission

In 2019 Congress passed legislation signed into law by the President establishing the U.S. Cyberspace Solarium Commission, chartered to develop a consensus on a strategic approach to defending the US against cyber attacks of significant consequences. The commission was established to be bi-partisan and also staffed and chartered to be as informed as possible by experts who really know the state of technology and cyber defense today. The commission executed its charter through extensive outreach and dialog with leaders in industry, academia, non-profits and government and produced deliverables that will make a positive change in our nation’s defense.

See: What Executives Need To Know About The Report of the Cyberspace Solarium Commission

Cyberwar Was Coming: A Reflection on the 25 Year Old Thesis that Predicted a Generation of Cyberconflict

“You’ve got to read what this kid is writing out of his basement at the University of Vermont…” – recently retired CIA officer to intelligence and military colleagues in 1994. A candid 25 year retrospective on a thesis that launched a tremendous amount of dialogue and action on the issues of information warfare, cyberterrorism, and cybersecurity. See:

Cyberwar Was Coming: A Reflection on the 25 Year Old Thesis that Predicted a Generation of Cyberconflict

Deception Needs to be an Essential Element of Your Cyber Defense Strategy

In the cyber defense community, we talk about a wide-range of risk mitigating technologies, strategies, and activities.  We talk about attacker deterrence and increasing costs for the attacker.  We invest in endpoint agents, threat intelligence, DLM, and other mitigating technologies on a daily basis. Here’s why one of the most compelling emerging use cases for increasing attacker costs is through the use of deception. For more see: Deception Needs to be an Essential Element of Your Cyber Defense Strategy

What You Really Need To Know About the California Consumer Privacy Act (CCPA)

Traveling Executive’s Guide to Cybersecurity:

Traveling executives are frequent targets for cyber espionage. This report provides guidance for executives and their security teams on how to protect their information and technology while on the go. Produced by OODA co-founders Matt Devost and Bob Gourley, the report provides best practices, awareness of threats, and a deep understanding of the state of technology. A tiered threat model is provided enabling a better tailoring of actions to meet the threat. For more see:  OODA Releases a Traveling Executive’s Guide to Cybersecurity

For Executive Protection, Physical and Cyber Security Have Fully Converged

OODA Best Practices for Agile Cybersecurity:

Members of the OODA expert network continuously track best practices for policy, procedures, technology and governance related to cyber defense.  We work directly defending enterprises in cyber defense and maintain an always up to date list of actions in a form designed to help any organization stay as agile as possible in the face of dynamic adversaries. Read more at the OODA Special Report on Best Practices for Agile Cybersecurity

Additional Cyber Security Reporting and Analysis:

Mitigating Risks To America’s Cognitive Infrastructure: Our most important infrastructure is also our most neglected.

11 Habits of Highly Effective CISOs: What does it take to be a highly effective CISO?

Making Sense of Cyber Lessons : Lessons for enhanced cybersecurity across multiple domains including government, corporate, think tank and academic.

The CMMC: What business needs to know about how DoD will measure your security posture

Essential Management Strategies for Cybersecurity: Management lessons learned and essential actions to mitigate risks

10 Red Teaming Lessons Learned Over 20 Years – Red teaming is one of the most valuable things you can do within your organization.  OODA CEO and Co-Founder Matt Devost offers up his top ten red teaming lessons learned from over two decades of red teaming across hundreds of engagements.

The Five Modes of HACKthink – Explores how to use a hacker mindset to solve complex problems and unlock opportunity.

Email – The Often Overlooked Cybersecurity Risk – Are silly email mistakes putting your sensitive data and customer PII at risk or in violation of GDPR. Matt Devost breaks down four real life examples that highlight inadvertent email risks.

Def Con – The highest yield cyber security event of the year.

The 5G Supply Chain Blindspot – This is the place few are looking regarding 5G security

Flaws In The U.S. Vulnerabilities Equities Process: Deep insights from our own expert Cindy Martinez.

Vulnerabilities, the Search for Buried Treasure, and the US Government: Analysis from noted expert and cybersecurity thought leader (and OODA network member) Jason Healey.

Here is How the FBI Wants You To Protect Your Audio/Visual Devices: From an FBI bulletin

CISA Outlines Agency’s Strategic Intent: Vision of the Cybersecurity and Infrastructure Security Agency

The Key To A Defensible Cyberspace: A look at the work of Jason Healey and the NY Cyber Task Force

How a Presidential Commission Was Tracking Hackers in 1996: New insights into the President’s Commission on Critical Infrastructure Protection

Maturing The Cyber Threat Intelligence Field into a Discipline: based on a career in operational intelligence

Cybersecurity and Technology Due Diligence: Resources that will keep you informed before and during due diligence