OODAcast

Amr Awadallah is widely known as a founder of Cloudera. Prior to that he was working on extreme scale data solutions for Yahoo. Most recently he was VP for Developer Relations at Google Cloud. Amr has a BS in EE from Cairo University, an MS in Computer Engineering from Cairo University, and a PhD EE from Stanford University. His experiences in tech and company leadership put him in the perfect position to help bring actionable insights to decision-makers today. Topics we discussed include: Lessons from his foundational story which can inform how to inspire the youth of today to continue pursuing their dreams and reaching for deeper understanding of the world and how it works. The world before scalable data systems and the problems with old approaches to data The breakthroughs that came with the approaches detailed in Google papers on their file system and an approach called Map Reduce. What Hadoop is The Cloudera approach of making Hadoop and related capabilities safe for enterprise use The leadership approach at Cloudera Advice for founders today The biggest challenges and opportunities in enterprise IT today Views on the future of cybersecurity A discussion on the metaverse and what comes next  

Sir David Omand is one of the most respected intelligence professionals in the world and author of the book How Spies Think: Ten lessons in intelligence. His career in intelligence began shortly after graduating from Cambridge in 1969 when he joined the UK's GCHQ (Government Communications Headquarters). He would later become the director of GCHQ. He also served as the first UK Security and Intelligence Coordinator, the most senior intelligence, counter-terror and homeland security position in the UK. In this OODAcast we discuss lessons in leadership from his time in the intelligence service and his views on the current threat environment, including threats to nations, corporations and citizens of the free world. We also examine how his time in intelligence informed his own models for understanding and analyzing complex situations and how this motivated him to write How Spies Think. We examine concepts critical to any corporate or government intelligence organization, including: The need to understand history for critical context (Like Churchill put it, "the further back you look, the further ahead you can see"). Why trained defense lawyers can make good deception planners How to find balance between being separate enough from decision-makers so they do not bias you but close enough so you can know their plans and know how to influence them The importance of building trust throughout the organization and with partners and consumers The new realities of the information age, including new tools at the disposal of adversaries New mental models for analysis The interview also examines Omand's lessons by use of a framework he developed to capture the essence of how intelligence analysts and operational decision makers can deal with the modern information environment through perception and analysis. He calls this the SEES model. SEES stands for: Situational Awareness: A baseline understanding of the situation gained through observation. Explanation: Contextualizing facts so they can be better understood. Estimation: The formal methods used to articulate what is known and what may be coming. Strategic Notice: The provision of actionable insights to decision-makers. This model is examined in the context of both history and current operations in a way that can inform how intelligence is used not only by governments but by businesses and citizens. Related Resources How Spies Think: Ten lessons in intelligence Sir David Omand on LinkedIn Black Swans and Gray Rhinos Now more than ever, organizations need to apply rigorous thought to business risks and opportunities. In doing so it is useful to understand the concepts embodied in the terms Black Swan and Gray Rhino. See: Potential Future Opportunities, Risks and Mitigation Strategies in the Age of Continuous Crisis Cybersecurity Sensemaking: Strategic intelligence to inform your decisionmaking The OODA leadership and analysts have decades of experience in understanding and mitigating cybersecurity threats and apply this real world practitioner knowledge in our research and reporting. This page on the site is a repository of the best of our actionable research as well as a news stream of our daily reporting on cybersecurity threats and mitigation measures. See: Cybersecurity Sensemaking Corporate Sensemaking: Establishing an Intelligent Enterprise OODA’s leadership and analysts have decades of direct experience helping organizations improve their ability to make sense of their current environment and assess the best courses of action for success going forward. This includes helping establish competitive intelligence and corporate intelligence capabilities. Our special series on the Intelligent Enterprise highlights research and reports that can accelerate any organization along their journey to optimized intelligence. See: Corporate Sensemaking

Jessica Gulick is widely known for her leadership of the successful growth strategy and marketing firm Katzcy. She is also the Commissioner of the US Cyber Games, a multi-phased cybersecurity program recruiting a US Cyber Team for international competition. She is also the founder of PlayCyber, a new business line promoting cyber games and tournaments. Jessica is also the president of the board at the Woman's Society of Cyberjutsu and a driving force behind their Wicked6 cyber games. In this OODAcast we discuss Jessica's background as a cybersecurity practitioner (she is a 20-year veteran in the cybersecurity industry with proven experience in starting businesses, leading cross-functional cyber teams, co-authoring NIST Special Publications, capturing commercial and government business and running epic cybersecurity games and tournaments). We exam her passion for cybersecurity as an esport where players, fans, and companies can collaborate. We also discuss her leadership style and how that translates to her focus on helping the community as a strong advocate for diversity in the workforce. While examining Jessica's successes and lessons learned she revealed early lessons from mentors that shaped her approach to cybersecurity and continuous learning. We also learned how pursuit of the designation known as PMP ended up shaping her personal mental models and contributed to her ability to get things done. Jessica also discusses a lesson she learned from her son that will resonate with anyone seeking insights into success in the field of business. Related Reading: US Cyber Games: A multi-phased cybersecurity program featuring a US team and international competition. Katcy: A woman-owned growth strategy and marketing firm. PlayCyber: A new business line promoting cyber games and tournaments. Black Swans and Gray Rhinos Now more than ever, organizations need to apply rigorous thought to business risks and opportunities. In doing so it is useful to understand the concepts embodied in the terms Black Swan and Gray Rhino. See: Potential Future Opportunities, Risks and Mitigation Strategies in the Age of Continuous Crisis Cybersecurity Sensemaking: Strategic intelligence to inform your decisionmaking The OODA leadership and analysts have decades of experience in understanding and mitigating cybersecurity threats and apply this real world practitioner knowledge in our research and reporting. This page on the site is a repository of the best of our actionable research as well as a news stream of our daily reporting on cybersecurity threats and mitigation measures. See: Cybersecurity Sensemaking Corporate Sensemaking: Establishing an Intelligent Enterprise OODA’s leadership and analysts have decades of direct experience helping organizations improve their ability to make sense of their current environment and assess the best courses of action for success going forward. This includes helping establish competitive intelligence and corporate intelligence capabilities. Our special series on the Intelligent Enterprise highlights research and reports that can accelerate any organization along their journey to optimized intelligence. See: Corporate Sensemaking Artificial Intelligence Sensemaking: Take advantage of this mega trend for competitive advantage This page serves as a dynamic resource for OODA Network members looking for Artificial Intelligence information to drive their decision-making process. This includes a special guide for executives seeking to make the most of AI in their enterprise. See: Artificial Intelligence Sensemaking COVID-19 Sensemaking: What is next for business and governments From the very beginning of the pandemic we have focused on research on what may come next and what to do about it today. This section of the site captures the best of our reporting plus daily daily intelligence as well as pointers to reputable information from other sites. See: OODA COVID-19 Sensemaking Page. Space Sensemaking: What does your business need to know now A dynamic resource for OODA Network members looking for insights into the current and future developments in Space, including a special executive’s guide to space. See: Space Sensemaking The OODAcast Video and Podcast Series In 2020, we launched the OODAcast video and podcast series designed to provide you with insightful analysis and intelligence to inform your decision making process. We do this through a series of expert interviews and topical videos highlighting global technologies such as cybersecurity, AI, quantum computing along with discussions on global risk and opportunity issues. See: The OODAcast

Lance Mortlock is a Senior EY Strategy Partner. He is author of the book Disaster Proof: Scenario Planning for Post Pandemic Future, which explores ways scenario planning can help organizations be more resilient. This is a must-read book for anyone in the Risk Management field. It provides practical advice for strategists, planners, executives and board members on how to ask better questions related to the future, uncertainty, risk and strategy. In this OODAcast, we ask Lance for insights into what planners can learn from major global events from the last few decades and how scenario planning can help organizations prepare for the big shocks. Scenario Planning goes beyond simple strategy development and strategic planning. Strategic plans are almost never agile enough for the real world. Scenario planning helps organizations prepare for increasing levels of global uncertainty and complexity. When done well it results in playbooks that can help speed decision-making in the moment. Scenario Planning originated with the military and has been firmly rooted in military strategy and is continually leveraged at major military staff headquarters to map out potential futures. Students of military history may know of famous scenario planners like Herman Kahn of RAND.  Kahn had met with a forward thinking executive at Shell, Pierre Wack, who became the first business leader to adapt scenario planning commercially. Lance discusses how many corporations since then have leveraged scenario planning to anticipate futures and prepare for both increased risk and opportunities. Lessons we learned from Lance include: Expected outcomes from scenario planning Repeatable methods to get the most from planning sessions How Lance's methods of scenario planning for corporations can be translated to scenario planning for individuals (which makes for some excellent career advice) Potential scenarios involving the impact of Covid-19 on the global business environment What could be the next big disruptive event The uncertainty and complexity and potential risks and opportunities associated with Artificial Intelligence Related Reading: Disaster Proof: Scenario Planning for a Post-Pandemic Future Lance Mortlock on LinkedIn Black Swans and Gray Rhinos Now more than ever, organizations need to apply rigorous thought to business risks and opportunities. In doing so it is useful to understand the concepts embodied in the terms Black Swan and Gray Rhino. See: Potential Future Opportunities, Risks and Mitigation Strategies in the Age of Continuous Crisis Cybersecurity Sensemaking: Strategic intelligence to inform your decisionmaking The OODA leadership and analysts have decades of experience in understanding and mitigating cybersecurity threats and apply this real world practitioner knowledge in our research and reporting. This page on the site is a repository of the best of our actionable research as well as a news stream of our daily reporting on cybersecurity threats and mitigation measures. See: Cybersecurity Sensemaking Corporate Sensemaking: Establishing an Intelligent Enterprise OODA’s leadership and analysts have decades of direct experience helping organizations improve their ability to make sense of their current environment and assess the best courses of action for success going forward. This includes helping establish competitive intelligence and corporate intelligence capabilities. Our special series on the Intelligent Enterprise highlights research and reports that can accelerate any organization along their journey to optimized intelligence. See: Corporate Sensemaking Artificial Intelligence Sensemaking: Take advantage of this mega trend for competitive advantage This page serves as a dynamic resource for OODA Network members looking for Artificial Intelligence information to drive their decision-making process. This includes a special guide for executives seeking to make the most of AI in their enterprise. See: Artificial Intelligence Sensemaking COVID-19 Sensemaking: What is next for business and governments From the very beginning of the pandemic we have focused on research on what may come next and what to do about it today. This section of the site captures the best of our reporting plus daily daily intelligence as well as pointers to reputable information from other sites. See: OODA COVID-19 Sensemaking Page. Space Sensemaking: What does your business need to know now A dynamic resource for OODA Network members looking for insights into the current and future developments in Space, including a special executive’s guide to space. See: Space Sensemaking Quantum Computing Sensemaking OODA is one of the few independent research sources with experience in due diligence on quantum computing and quantum security companies and capabilities. Our practitioner’s lens on insights ensures our research is grounded in reality. See: Quantum Computing Sensemaking. The OODAcast Video and Podcast Series In 2020, we launched the OODAcast video and podcast series designed to provide you with insightful analysis and intelligence to inform your decision making process. We do this through a series of expert interviews and topical videos highlighting global technologies such as cybersecurity, AI, quantum computing along with discussions on global risk and opportunity issues. See: The OODAcast

Each year, there are one or two books that deeply resonate with me and become sticky in that I'm thinking about the book often, bringing it up in conversations, and sending out unsolicited recommendations for executives and researchers in my network to check it out. Jer Thorp's "Living in Data: A Citizen's Guide to a Better Information Future" was that book for me in 2021 so I was delighted to host Jer for a conversation on the OODAcast. Jer Thorp is an artist, writer and teacher living in New York City. He is best known for designing the algorithm to place the nearly 3,000 names on the 9/11 Memorial in Manhattan. Jer was the New York Times' first Data Artist in Residence, is a National Geographic Explorer, and in 2017 and 2018 served as the Innovator in Residence at the Library of Congress. Jer is one of the world's foremost data artists, and is a leading voice for the ethical use of big data. Jer is like the Indiana Jones of data, thriving not only in the realm of data analysis, but traveling the world to explore new ways to bring data into our local and global decision-making process. In this OODAcast, we go deep on a variety of issues to include: Jer's origin story and career experience The risks of data bias, adjacencies, and exclusion The role of data in understanding our relationship with nature How we envision and build better futures Working as citizens to derive benefit from our own data to improve our lives Lots of great stories about his data adventures and lessons learned along the way including how he was almost killed by a hippo Additional Bio Details: Jer’s data-inspired artwork has been shown around the world, including most recently in New York’s Times Square, at the Museum of Modern Art in Manhattan, at the Ars Electronica Center in Austria, and at the National Seoul Museum in Korea. His work has also appeared in a wide variety of publications, including Scientific American, The New Yorker, Popular Science, Fast Company, Business Week, Popular Science, Discover, WIRED and The Harvard Business Review. Jer’s talks on TED.com have been watched by more than a half-million people. He is a frequent speaker at high profile events such as PopTech, and The Aspen Ideas Festival. Recently, he has spoken about his work at MIT’s Media Lab, The American Museum of Natural History, MoMA, and NASA’s Jet Propulsion Lab (JPL) in Pasadena. Jer is a Rockefeller Foundation Fellow, and an alumnus of the World Economic Foundation’s Global Agenda Council on Design and Innovation. He is an adjunct Professor in New York University’s renowned Interactive Telecommunications Program (ITP), and is the Co-Founder of The Office for Creative Research. In 2015, Canadian Geographic named Jer one of Canada’s Greatest Explorers. Related Resources: Jer's Website Living in Data Book Atlas of AI

Dr. Tony Tether was the director of the Defense Advanced Research Projects Agency, DARPA, from 2001 till his retirement in 2009. DARPA is widely known for being the principle agency in DoD for research and development. DARPA is charged with investing in projects that aim for high-payoff. They fund innovative ideas, develop solutions, provide demonstrations of concepts and systems and take any other prudent action required to move the right ideas from concept to reality. In this OODAcast we examine some of Dr. Tether's formative experiences, including a very unique job he held while awaiting entry to Stanford. He was a door to door salesman and while doing that learned the importance of quickly assessing challenges that were not being addressed and then forming an ability to express what needs to be done and how to do it quickly. As we hear in the discussion, this type of approach, very consistent with the famous "Heilmeier Catechism", ended up producing a wide range of DARPA breakthroughs, including one that is now in every cell phone in the globe (next time you use your cell phone's mapping and location services, remember to thank the Fuller Brush company!). Dr. Tether also walks us through a brief history of DARPA and dives deeper into the questions Heilmeier is so famous for articulating as a requirement before funding advanced capabilities: What is the problem you want to solve? Articulate your objectives using absolutely no jargon. How is it done today, and what are the limits of current practice? What's new in your approach and why do you think it will be successful? Who cares? If you're successful, what difference will it make?(transition) What are the risks and the payoffs? How much will it cost? How long will it take? What are the midterm and final "exams" (go/no go criteria)to check for success? Other topics we discussed with Dr. Tether include: Recent proposals to double the funding of DARPA and why that may be a bad idea Concepts around cybersecurity and mitigating risks to enterprises and the nation of intellectual property theft Leadership in an age of converging technology Slides Dr. Tether Reviewed in this OODAcast are at this link: Dr. Tether Presentation Related Reading: Black Swans and Gray Rhinos Now more than ever, organizations need to apply rigorous thought to business risks and opportunities. In doing so it is useful to understand the concepts embodied in the terms Black Swan and Gray Rhino. See: Potential Future Opportunities, Risks and Mitigation Strategies in the Age of Continuous Crisis Cybersecurity Sensemaking: Strategic intelligence to inform your decisionmaking The OODA leadership and analysts have decades of experience in understanding and mitigating cybersecurity threats and apply this real world practitioner knowledge in our research and reporting. This page on the site is a repository of the best of our actionable research as well as a news stream of our daily reporting on cybersecurity threats and mitigation measures. See: Cybersecurity Sensemaking Corporate Sensemaking: Establishing an Intelligent Enterprise OODA’s leadership and analysts have decades of direct experience helping organizations improve their ability to make sense of their current environment and assess the best courses of action for success going forward. This includes helping establish competitive intelligence and corporate intelligence capabilities. Our special series on the Intelligent Enterprise highlights research and reports that can accelerate any organization along their journey to optimized intelligence. See: Corporate Sensemaking Artificial Intelligence Sensemaking: Take advantage of this mega trend for competitive advantage This page serves as a dynamic resource for OODA Network members looking for Artificial Intelligence information to drive their decision-making process. This includes a special guide for executives seeking to make the most of AI in their enterprise. See: Artificial Intelligence Sensemaking COVID-19 Sensemaking: What is next for business and governments From the very beginning of the pandemic we have focused on research on what may come next and what to do about it today. This section of the site captures the best of our reporting plus daily daily intelligence as well as pointers to reputable information from other sites. See: OODA COVID-19 Sensemaking Page. Space Sensemaking: What does your business need to know now A dynamic resource for OODA Network members looking for insights into the current and future developments in Space, including a special executive’s guide to space. See: Space Sensemaking Quantum Computing Sensemaking OODA is one of the few independent research sources with experience in due diligence on quantum computing and quantum security companies and capabilities. Our practitioner’s lens on insights ensures our research is grounded in reality. See: Quantum Computing Sensemaking. The OODAcast Video and Podcast Series In 2020, we launched the OODAcast video and podcast series designed to provide you with insightful analysis and intelligence to inform your decision making process. We do this through a series of expert interviews and topical videos highlighting global technologies such as cybersecurity, AI, quantum computing along with discussions on global risk and opportunity issues. See: The OODAcast

In this OODAcast, we talk with renowned counter-terrorism expert and career clandestine services professional Cofer Black. Cofer is best known for having been the Director of the CIA's Counterterrorism Center on 9/11 and having been part of the intelligence community warning about the near-term threat of terrorism in the United States prior to the attacks. However, his pedigree in counterterrorism issues was well established with a distinguished career in the field in high-risk areas and operations. During our discussion Cofer provides insight on a variety of issues including: How his childhood experiences traveling around Africa equipped him for the clandestine services. What it was like to be tracking al Qaeda prior to 9/11. How AQ planned to assassinate him during a high risk tour of duty overseas. How to speak truth to power and what he learned trying to provide early warning prior to 9/11. Lessons learned on leadership from a career in the intelligence community and private sector Cofer's Full Bio: Ambassador Black has had a distinguished 28-year career in the Directorate of Operations at the Central Intelligence Agency including serving as the Director of the CIA Counterterrorist Center during the 9/11 terrorist attacks. In this capacity he served as the CIA Director’s Special Assistant for Counterterrorism as well as the National Intelligence Officer for Counterterrorism. Ambassador Black was also appointed as the first State Department Coordinator for Counterterrorism with the designation of Ambassador at Large. During his CIA career, Ambassador Black served six foreign tours in field management positions. In 1995, Ambassador Black was named the Task Force Chief in the Near East and South Asia Division. From June 1998 through June 1999 he served as the Deputy Chief of the Latin America Division. After his government service, Ambassador Black transitioned to the private sector and served as Vice President for Global Operations at Blackbird Raytheon Technologies and as Vice Chairman of Blackwater Worldwide and as Chairman of Total Intelligence Solutions. In addition to numerous exceptional performance awards and meritorious citations, Ambassador Black received the Distinguished Intelligence Medal, the George H. Bush Medal for Excellence, and the Exceptional Collector Award for 1994.

Gaurav Banga is the Founder and CEO of Balbix, and serves on the boards of several companies. Before Balbix, Gaurav was the Co-founder & CEO of Bromium and led the company from inception for over 5 years. Earlier in his career, he served in various executive roles at Phoenix Technologies and Intellisync Corporation, and was Co-founder and CEO of PDAapps, acquired by Intellisync in 2005. Dr. Banga started his industry career at NetApp. Gaurav has a PhD in CS from Rice University, and a B.Tech. in CS from IIT Delhi. He is a prolific inventor with over 70 patents. In this OODAcast we talk to Gaurav about things his clients tell him are their most important priorities and gain insights modern technologists and business leaders can use to mitigate the growing cyber threats to businesses. We also examine Gaurav's views on the importance of mentors and get specific advice on how to find and leverage the right talent in a startup environment. As CEO of Balbix, Gaurav leads a team focused on providing organizations with comprehensive real-time views into breach risk. This is a daunting challenge but by applying an extensive array of well engineered AI and ML algorithms and well thought out architectures and visualizations (integrated into the workflow of decision-makers at all levels), they have met the challenge in new and very virtuous ways. For more on Balbix see: Balbix Related Reading: Cybersecurity Sensemaking: Strategic intelligence to inform your decisionmaking The OODA leadership and analysts have decades of experience in understanding and mitigating cybersecurity threats and apply this real world practitioner knowledge in our research and reporting. This page on the site is a repository of the best of our actionable research as well as a news stream of our daily reporting on cybersecurity threats and mitigation measures. See: Cybersecurity Sensemaking Corporate Sensemaking: Establishing an Intelligent Enterprise OODA’s leadership and analysts have decades of direct experience helping organizations improve their ability to make sense of their current environment and assess the best courses of action for success going forward. This includes helping establish competitive intelligence and corporate intelligence capabilities. Our special series on the Intelligent Enterprise highlights research and reports that can accelerate any organization along their journey to optimized intelligence. See: Corporate Sensemaking Artificial Intelligence Sensemaking: Take advantage of this mega trend for competitive advantage This page serves as a dynamic resource for OODA Network members looking for Artificial Intelligence information to drive their decision-making process. This includes a special guide for executives seeking to make the most of AI in their enterprise. See: Artificial Intelligence Sensemaking COVID-19 Sensemaking: What is next for business and governments From the very beginning of the pandemic we have focused on research on what may come next and what to do about it today. This section of the site captures the best of our reporting plus daily daily intelligence as well as pointers to reputable information from other sites. See: OODA COVID-19 Sensemaking Page. Space Sensemaking: What does your business need to know now A dynamic resource for OODA Network members looking for insights into the current and future developments in Space, including a special executive’s guide to space. See: Space Sensemaking Quantum Computing Sensemaking OODA is one of the few independent research sources with experience in due diligence on quantum computing and quantum security companies and capabilities. Our practitioner’s lens on insights ensures our research is grounded in reality. See: Quantum Computing Sensemaking. The OODAcast Video and Podcast Series In 2020, we launched the OODAcast video and podcast series designed to provide you with insightful analysis and intelligence to inform your decision making process. We do this through a series of expert interviews and topical videos highlighting global technologies such as cybersecurity, AI, quantum computing along with discussions on global risk and opportunity issues. See: The OODAcast

This week's OODAcast is with Kim Zetter, an incredibly well respected journalist who has been covering cybersecurity related issues for two decades.  Matt Devost talks with Kim about a wide variety of cyber-related issues including a deep dive into Stuxnet and the implications for today's security environment. Kim also shares details as to how she got into the field and how she developed relationships with the hacker community via her longstanding attendance at Def Con. Kim is an award-winning investigative journalist and author who has covered cybersecurity and national security for more than a decade, most recently as a staff writer for WIRED. Her work has also appeared in the New York Times Magazine, Politico, Washington Post and others. She has broken numerous stories about NSA surveillance, WikiLeaks, and the hacker underground, including an award-winning series about security problems with electronic voting machines. She has four times been voted one of the top ten security journalists in the U.S. by her journalism peers. She’s considered one of the world’s experts on Stuxnet, a virus/worm used to sabotage Iran’s nuclear program, and wrote an acclaimed book on the topic – Countdown to Zero Day: Stuxnet and the Launch of the World’s First Digital Weapon. Additional Resources: Countdown to Zero Day book Kim's Zero Day Substack Def Con hacker conference

In this OODAcast we provide insights into Zero Trust architectures from an experienced practitioner, Junaid Islam. Junaid is a senior partner at OODA. He has over 30 years of experience in secure communications and the design and operations of highly functional enterprise architectures. He founded Bivio Networks, maker of the first gigabyte speed general purpose networking device in history, and Vidder, a pioneer in the concept of Software Defined Networking. Vidder was acquired by Verizon to provide Zero Trust capability for their 5G network. Junaid has supported many US national security missions from Operation Desert Shield to investigating state-sponsored cyberattacks. He has also led the development of many network protocols including Multi-Level Precedence and Preemption (MLPP), MPLS priority queuing, Mobile IPv6 for Network Centric Warfare and Software Defined Perimeter for Zero Trust. Recently Junaid developed the first interference-aware routing algorithm for NASA’s upcoming Lunar mission. He writes frequently on national security topics for OODAloop.com. We discuss Junaid's approaches to zero trust networking. His approach is to always start with the needs of the business. From there he works with organizations to ensure a comprehensive assessment of the existing architecture is done, since every organization already has some elements of a zero trust approach in play. Junaid highlights that one of the biggest mistakes he sees organizations make is skipping this gap analysis and moving right to purchase of products or services. This frequently ends up being a negative to the project. Today's global businesses operate with many partners, providers and suppliers and zero trust designs must be established with this unique mix in mind to optimize the use of technology in support of core business needs. Junaid provides insights into many of the products he encounters in zero trust architecture work.   Related Reading: Cybersecurity Sensemaking: Strategic intelligence to inform your decisionmaking The OODA leadership and analysts have decades of experience in understanding and mitigating cybersecurity threats and apply this real world practitioner knowledge in our research and reporting. This page on the site is a repository of the best of our actionable research as well as a news stream of our daily reporting on cybersecurity threats and mitigation measures. See: OODA Cybersecurity Sensemaking From Solar Sunrise to Solar Winds: The Questionable Value of Two Decades of Cybersecurity Advice While the Ware Report of 1970 codified the foundations of the computer security discipline, it was the President’s Commission on Critical Infrastructure Protection report of 1997 that expanded those requirements into recommendations for both discrete entities as well as the nascent communities that were growing in and around the Internet. Subsequent events that were the result of ignoring that advice in turn led to the creation of more reports, assessments, and studies that reiterate what was said before. If everyone agrees on what we should do, why do we seem incapable of doing it? Alternately, if we are doing what we have been told to do, and have not reduced the risks we face, are we asking people to do the wrong things?  See: From Solar Sunrise to Solar Winds: The Questionable Value of Two Decades of Cybersecurity Advice If SolarWinds Is a Wake-Up Call, Who’s Really Listening? As the U.S. government parses through the Solar Winds software supply chain breach, many questions still remain as to the motive, the entities targeted, and length of time suspected nation state attackers remained intrenched unseen by the victims.  The attack stands at the apex of similar breaches in not only the breadth of organizations compromised (~18,000), but how the attack was executed. See: If SolarWinds Is a Wake-Up Call, Who’s Really Listening? Executive Level Action In Response to Ongoing Massive Attacks Leveraging Microsoft Vulnerabilities This post provides executive level context and some recommendations regarding a large attack exploiting Microsoft Exchange, a system many enterprises use for mail, contact management, calendar/scheduling and some basic identity management functions. This attack is so large and damaging it is almost pushing the recent Solar Winds attacks off the headlines. Keep in mind that till this point, the Solar Winds attack was being called the biggest hack in history. So this is a signal that the damage from this one will also be huge. See: Executive Level Action In Response to Ongoing Massive Attacks Leveraging Microsoft Vulnerabilities