Due Diligence prior to an investment, merger, acquisition or other business event is best done with experienced professionals who have past performance. This is especially true when assessing the technology or cybersecurity of a target firm. Due Diligence professionals should also maintain a current understanding of the state of enterprise technology and cybersecurity. This page brings together OODA special reports on these topics to help our members track the most critical elements in these domains. We also provide up to date reporting from the OODA Daily Pulse that can inform your due diligence activities.
Lessons Learned From A Decade in Technology Due Diligence
Bob Gourley has spent a career evaluating the business impact of technologies and devising strategies to apply technology to operational success. Inform your next due diligence assessment with the actionable insights in this video. See: Lessons Learned in Due Diligence
Scenario Planning for Global Computer Chip Supply Chain Disruption: Results of an OODA Stratigame
This report is the outcome of our first OODA wargame, which we have branded as a Stratigame (Strategic Game), focusing on the global computer chip supply chain issues. Over 25 members of the OODA Network of Experts participated in this Stratigame where the OODA research team developed four scenarios and then led a structured discussion in which experts provided unique insights into potential impacts of these scenarios, adjacent risks and opportunities, and recommended actions that would allow us to avoid the negative impacts of a particular scenario or nudge us into a more favorable scenario.
DHS Science and Technology Directorate (S&T) releases Artificial Intelligence (AI) and Machine Learning (ML) Strategic Plan Amidst Flurry of USG-wide AI/ML RFIs
An artificial intelligence security strategy (see “Securing AI – Four Areas to Focus on Right Now”) should be the cornerstone of any AI and machine learning (ML) efforts within your enterprise. We also recently outlined the need for enterprises to further operationalize the logging and analysis of artificial intelligence (AI) related accidents and incidents based on an “AI Accidents” framework from the Georgetown University CSET. The best analysis is a sophisticated body of work on AI-related issues of morality, ethics, fairness, explainable and interpretable AI, bias, privacy, adversarial behaviors, trust, fairness, evaluation, testing and compliance.
Zero Trust Will Yield Zero Results Without A Risk Analysis
Over the past four years there has been an avalanche of new Zero Trust products. However during the same period there has been no measurable reduction in cyber breaches. Zero Trust is a concept where an organization has Zero Trust in a specific individual, supplier or technology that is the source of their cyber risk. One needs to have Zero Trust in something and then act to neutralize that risk. Thus buying a Zero Trust product makes no sense unless it is deployed as a countermeasure to specific cyber risk. Buying products should be the last step taken not the first. To help enterprises benefit from Zero Trust concepts here is a modified OODA loop type process to guide your strategy development and execution.
What To Know And Do About The Coming Metaverse
In the early 1990’s SciFi fans were introduced to a concept called the Metaverse in Neal Stephenson’s book SnowCrash. In the book this described a future virtual reality beyond the universe that was populated by user-controlled avatars as well as AI and bots.
Now decades later the age of the Metaverse is upon us. This post captures insights into this new world in ways meant to help leaders understand what is most relevant to your strategic planning. We provide an operational definition of the Metaverse, a description of the current market of metaverse players, and a list of recommendations for how this information should inform your business strategy. For more see: What To Know And Do About The Coming Metaverse
Strategic Issues With Compromise Of Data From DNA Diagnostics Center’s Genetic Testing Database
Ohio-based DNA Diagnostics Center (DDC) recently reported that in August 2021, the company detected potential unauthorized access to its network, during which there was unauthorized access and acquisition of an archived database that contained personal information collected between 2004 and 2012. There are issues with security associated with life sciences data. We hit some very big ones here.
A CTO’s Perspective on Technology Debt in M&A
Technical due diligence is designed to identify the risks and opportunities of technology, including the technology developed and sold by the firm being evaluated, but also the technology being used to run the company.
One of the critical factors which needs to be evaluated in any technical due diligence is the concept of Technology Debt. This report provides insights into technology debt from my perspective as an enterprise CTO turned due diligence professional. These lessons can help companies preparing for a future transaction to better position themselves for optimal outcomes. These lessons can also assist private equity and other investors in thinking through aspects of technology risk and identify areas requiring additional focus prior to a transaction. See: A CTO’s Perspective on Technology Debt in M&A
Using Artificial Intelligence For Competitive Advantage in Business
AI technologies are making continuous advances in domains like industrial robotics, logistics, speech recognition and translation, banking, medicine and advanced scientific research. But in almost every case, the cutting edge AI that drives the advances drops from attention, becoming almost invisible when it becomes part of the overall system. For more see: Using Artificial Intelligence For Competitive Advantage in Business
The New Enterprise Architecture Is Zero Trust
Enterprise technologists use the term “Zero Trust” to describe an evolving set of cybersecurity approaches that move defenses from static attempts to block adversaries to more comprehensive measures that improve enterprise performance while improving security. When the approaches of Zero Trust are applied to an enterprise infrastructure and workflows, the cost of security can be better managed and the delivery of functionality to end users increased. Security resources are matched to risk. Functionality, security and productivity all go up.
FTC Expectations For Corporate Board Level Oversight of Cybersecurity
The Federal Trade Commission (FTC) has published expectations for corporate board level oversight of cybersecurity. They advise every member of every board: “Don’t underestimate your role in data security oversight”. This post provides insights for OODA members on what this new guidance may mean for the future of board operations.
Special Reporting on The Federal Technology Market
The federal government spends almost $90B a year on technology. But serving this market can be hard, especially for a startup firm. Our analysts have decades of experience helping tech startup CEOs succeed in the federal space. Our special reporting on this topic provides actionable insights to help you prioritize your actions and optimize your strategy. Our federal technology expert Bob Gourley produces this series and is available to all OODA Network members seeking additional insights for growth in this sector. Review all in this series at: OODA’s Special Reporting on the Federal Technology Market.
The Revolution in Bio-Science:
This post provides an overview of key thrusts of the transformation underway in biology and offers seven topics business leaders should consider when updating business strategy to optimize opportunity because of these changes. For more see: The Executive’s Guide To The Revolution in Biology
Security In Space and Security of Space:
The last decade has seen an incredible increase in the commercial use of space. Businesses and individual consumers now leverage space solutions that are so integrated into our systems that they seem invisible. Some of these services include: Communications, including very high-speed low latency communications to distant and mobile users. Learn more at: OODA Research Report: What Business Needs To Know About Security In Space Also see: Is Space Critical Infrastructure, and the special report on Cyber Threats to Project Artemis, and Mitigating Threats To Commercial Space Satellites
Data As A Weapon System:
Are you making the most of your data holdings? If you want to leverage your data to the better of your business you need to treat it like a weapon and use it to gain advantage over others. This is not just about your technical architecture, this is about your attitude and the approach you take to being proactive. For our best practices on how to do so see the OODA Guide to Using Your Data As A Weapon.
Additional Assessments:
Living in the Future – Matt Devost reviews key insights and predictions of trends from 2010 and assesses how predictions then played out. OODA is tracking all these trends as we move fast to the future.
2019 and the Evolving Role of OSINT – Open Source Intelligence, to include social media analysis, has evolved a next generation of crowdsourcing and accountability.
Towards 2020: The most popular stories on OODA Loop for 2019
What We All Need To Know About The Impacts of a Truly Global Internet: Insights leading to actions
Hostile Social Manipulation: Insights you can use
OODA Trends 2019 – Our take on an annual trends report looks at emerging technology and security trends that should be in your OODA Loop.
Manage Insider Risk and Prevent Big Brother Perception – A four part series by OODA Network Expert Crystal Lister on managing insider threats.
DHS & FBI Report that Election Infrastructure in all 50 States Targeted During 2016 – The Department of Homeland Security and the Federal Bureau of Investigation have issued a special report acknowledging that the election infrastructure in all 50 states was targeted during the 2016 election.
DoD’s new Capability Maturity Model for Cyber (CMMC): How the government will measure you.
Mexican Cartel Adaptation and Innovation: This brief assessment looks at non-technological innovation potentials among Mexican TCOs (criminal cartels and gangs).
What Business Leaders Need To Know Regarding Hong Kong: Yes it will impact your business
Insights From The DoDIIS Conference: Actionable info from this gathering of tech spies
Books:
The Top 10 Security, Technology, and Business Books – OODA CEO and Co-Founder Matt Devost reads over 50 books a year and provides his top 10 for 2019. Also see the 2018 list, the 2017 list and 2016 list or our curated list of great reads at Amazon.com
LikeWar and the Weaponization of Social Media – Our interview with author P.W. Singer.
Unmasking Maskirovka: Russia’s Cyber Influence Operations – OODA Network Expert Book Review – This exploration is timely and relevant given the Russian assault on the American electoral process in the 2016 Presidential election—especially since the long-range implications are still being assessed. The AI Books Chinese President Xi Jinping is Reading: What we saw on his bookshelf
The Red Teamer’s Bookshelf – Our pick of key reads for security practitioners
What If You Could Know What The Designers Of Our AI-Enabled Future Think? – To really see where we are all going with Artificial Intelligence (AI) there is no better way than asking those who are architecting the future of AI.
Does Technology Threaten The Future of Humanity? According to this book it may.
The Hackers Who Saved The World: Interview with author Joe Menn
The Intelligent Enterprise Series
The Intelligent Enterprise Series: Special reports from OODA focused on corporate intelligence
Useful Standards For Corporate Intelligence: Based on lessons learned from the US intelligence community and corporate America
Optimizing Corporate Intelligence: Tips and best practices and actionable recommendations to make intelligence programs better.
A Practitioner’s View of Corporate Intelligence: insights aimed at corporate strategists seeking competitive advantage through better and more accurate decision-making.
An Executive’s Guide To Cognitive Bias in Decision Making: Cognitive Bias and the errors in judgement they produce are seen in every aspect of human decision-making, including in the business world. Companies that have a better understanding of these cognitive biases can optimize decision making at all levels of the organization, leading to better performance in the market.
OODA Loop Market Sector Reviews
Each of these market sector reports captures key insights into the state of digital transformation of the sector and leads to recommendations both for leaders in that sector and for those seeking to serve these markets:
Digital Transformation in the Health Care Sector
Digital Transformation in the Financial Sector
Digital Transformation in the Industrials Sector
Digital Transformation in the Materials Sector- Optimizing The Business of Chemicals, Metals, Mining