29 Oct 2019

What Kleptocratic Support for Cybercriminals Means for Russian Cybersecurity Services

The use of deniable actors is hardly unique to Russia, but the state’s complicity and even outright involvement in organized crime is. OODA’s reports “The Russian Threat” suggests that “Russia should be considered a kleptocracy, where the rule of law exists as long as it supports the objectives of the state and the ruling oligarchs.” The report further notes that because the law is subject to the state’s whims, Putin is able “to act decisively to defend Russian interests and to pursue opportunities he views as enhancing Russian prestige and power abroad.” The coopting of cyber criminals represents just such an example of kleptocracy enabling the Russian state to seize controversial opportunities that would be waylaid by opposition from “checks and balances” in true democracies.

Read More
22 Oct 2019

Cybercriminals as the Russian State’s Deniable Proxies

Putin’s Russia has demonstrated a penchant for relying on proxies to provide a degree of deniability while pursuing its military objectives. As noted in Christoph Zürcher’s book The post-Soviet wars: Rebellion, ethnic conflict and nationhood in the Caucasus, Putin’s popularity emerged in large part due to his successful resolution of the conflict with Chechnya, which he achieved by co-opting the Kadyrov warlords. More recently, Putin has relied on not only deniable Russian forces, but also proxies within Ukraine. Still, blunders by Russian private military companies like the Wagner Group and Slavonic Corps in Syria have demonstrated how this deniability can backfire.

Read More
08 Oct 2019

Future Proof Conference Announced

OODA is pleased to announce that our Future Proof conference will be held on March 19, 2020 in Tysons Corner, Virginia.

The Future Proof conference brings together the hackers, thinkers, strategists, disruptors, leaders, technologists, and creators with one foot in the future to discuss the most pressing issues of the day and provide insight into the ways technology is evolving.  Future Proof is not just about understanding the future, but developing the resiliency to thrive and survive in an age of exponential disruption. 

Read More
18 Sep 2019

Mitigating Threats to Commercial Space Satellites

The space domain is transforming into an increasingly contested and congested environment. The President has referred to it as a critical warfighting domain and in response, the Department of Defense has recently established U.S. Space Command as a unified combatant command to employ space capabilities and lead space operations. In the private sector, we have seen investments in commercial space grow exponentially as advances in technology have sparked a renewed global interest in the final frontier. In the last decade alone an estimated 500 venture capital firms have invested in space, with approximately 20% making their first investments in 2018. A recent report by Morgan Stanley also cites, “the revenue generated by the global space industry may increase to more than $1 trillion by 2040.”

Read More
26 Aug 2019

Here is How the FBI Wants You to Protect Your Audio/Visual Devices from Cyberattack

An FBI bulletin provides an overview and detailed recommendations on how cyberattackers are targeting audio/visual systems to compromise corporate networks along with recommendations on how to prevent such attacks.

Read More
26 Aug 2019

CISA Outlines Agency’s Strategic Intent

The newly formed Cybersecurity and Infrastructure Security Agency (CISA)has released a strategic intent document outlining the agencies role in protecting U.S. critical infrastructure and cyberspace.  It is important for OODA Network Members to track the emergent roles and responsibilities of this agency as it will be a critical component of cyber and infrastructure security moving forward. 

Read More
16 Aug 2019

Def Con is the Most Valuable Security Conference of the Year.  Here’s Why.

There are literally hundreds of cybersecurity conferences hosted around the world each year and as a result it can be difficult to determine which conferences provided the highest value in the domain. 

While each of these events bring community value in their own unique way, Def Con is the most valuable event of the year for the community. Here’s why.

Read More
17 Jul 2019

OODA Special Report: The Kinetic Potential of Russian Cyber War

The proliferation of cyber physical systems (CPS) has increasingly enabled cyber actions to have direct kinetic effects on tangible infrastructure, even as cyberspace itself depends on tangible infrastructure vulnerable to kinetic damage.

This report focuses on Russia, a particularly important threat actor to track given their track record of brazen infrastructure attacks. It is almost certain that we will see further attacks from Russia against the infrastructure of other nations.  The only uncertainty remaining pertains to what sort of attacks they might be motivated to initiate under what circumstances, and whether we would even know if they had already been accomplished.

Read More
09 Jul 2019

Cyber Sensemaking Part Two: Management Lessons Learned and Essential Actions

In Part Two of this series on Cyber Sensemaking, OODA CEO Matt Devost steps through the top management lessons learned and actions that can be taking to drive your cyber risk management program. 

Read More
02 Jul 2019

Cyber Sensemaking – Essential Observations for the Next Five Years

Distilling over 25 years working in the fields of cybersecurity and cyberconflict across a multitude of domains including government, corporate, think tank, and academic this article serves as a foundational distillation of observations that can be applied in any organization. In Part Two of the series, we will look at lessons learned and actions that can be executed by management teams to help manage cyber risk.

Read More