26 Aug 2019

CISA Outlines Agency’s Strategic Intent

The newly formed Cybersecurity and Infrastructure Security Agency (CISA)has released a strategic intent document outlining the agencies role in protecting U.S. critical infrastructure and cyberspace.  It is important for OODA Network Members to track the emergent roles and responsibilities of this agency as it will be a critical component of cyber and infrastructure security moving forward. 

Read More
16 Aug 2019

Def Con is the Most Valuable Security Conference of the Year.  Here’s Why.

There are literally hundreds of cybersecurity conferences hosted around the world each year and as a result it can be difficult to determine which conferences provided the highest value in the domain. 

While each of these events bring community value in their own unique way, Def Con is the most valuable event of the year for the community. Here’s why.

Read More
17 Jul 2019

OODA Special Report: The Kinetic Potential of Russian Cyber War

The proliferation of cyber physical systems (CPS) has increasingly enabled cyber actions to have direct kinetic effects on tangible infrastructure, even as cyberspace itself depends on tangible infrastructure vulnerable to kinetic damage.

This report focuses on Russia, a particularly important threat actor to track given their track record of brazen infrastructure attacks. It is almost certain that we will see further attacks from Russia against the infrastructure of other nations.  The only uncertainty remaining pertains to what sort of attacks they might be motivated to initiate under what circumstances, and whether we would even know if they had already been accomplished.

Read More
09 Jul 2019

Cyber Sensemaking Part Two: Management Lessons Learned and Essential Actions

In Part Two of this series on Cyber Sensemaking, OODA CEO Matt Devost steps through the top management lessons learned and actions that can be taking to drive your cyber risk management program. 

Read More
02 Jul 2019

Cyber Sensemaking – Essential Observations for the Next Five Years

Distilling over 25 years working in the fields of cybersecurity and cyberconflict across a multitude of domains including government, corporate, think tank, and academic this article serves as a foundational distillation of observations that can be applied in any organization. In Part Two of the series, we will look at lessons learned and actions that can be executed by management teams to help manage cyber risk.

Read More
19 Apr 2019

Cyber Threat Analysis Report Volume 1 Edition 5

Why is it so hard for us to pay attention to cybersecurity? Mike Tanji analyzes the latest news and trends in the cybersecurity industry.

Read More
29 Mar 2019

DHS & FBI Report that Election Infrastructure in all 50 States Targeted During 2016

The Department of Homeland Security and the Federal Bureau of Investigation have issued a special report acknowledging that the election infrastructure in all 50 states was targeted during the 2016 election.

Read More
01 Oct 2018

Here is How the U.S. Government Wants You to Talk About Election Cybersecurity

The United States government has released a set of common definitions for talking about election cybersecurity issues.

Read More
24 Aug 2018

Defense Science Board Task Force On Improving Cyber As A Strategic Weapon

The United States is currently years behind its rivals in cyberspace, both conceptually and operationally.

Read More
31 May 2018

Long-Awaited Botnet Report Calls on Industry for Solutions

“The federal government should ‘lead by example’ when it comes to ensuring its computers and internet-linked devices aren’t hijacked by botnets, but industry should take the lead in determining just how those devices should be secured, according to a report released Wednesday. The report from the Homeland Security and Commerce

Read More