OODAcast

Randall Fort is a seasoned security, intelligence and technology leader known for his grasp of enterprise mission needs and his ability to track the rapid advancing capabilities of technology to meet those needs. His background includes time as the director of global security for Goldman Sachs. He also led one of the most highly regarded teams of analysts in the world, the Department of State's Bureau of Intelligence and Research. Randy later worked at Raytheon and is now now the COO of QWERX. He has also been a long standing member of the AFCEA Intelligence Committee. Topics we discussed included: The nature of changes in both the physical and cybersecurity world that began in the mid 1990's and continue to this day The Department of State's Bureau of Intelligence and Research, with a focus on the organizational dynamics that have kept this small group performing at a masterful level Views on the cyber threat and concepts for mitigating key elements of the threat An examination of the megatrends of technology and where the convergence of multiple tech trends may be taking us Things the US intelligence community should be considering when it comes to future mission sets and the technologies required to prosecute them. The nature of the metaverse, from its beginnings in scifi to its state today to the very near future and beyond Related Resources: Randall Fort on LinkedIn The Department of State Bureau of Intelligence and Research AFCEA Intelligence Committee Related Reading: Corporate Sensemaking: Establishing an Intelligent Enterprise OODA's leadership and analysts have decades of direct experience helping organizations improve their ability to make sense of their current environment and assess the best courses of action for success going forward. This includes helping establish competitive intelligence and corporate intelligence capabilities. Our special series on the Intelligent Enterprise highlights research and reports that can accelerate any organization along their journey to optimized intelligence. See: Corporate Sensemaking The OODAcast Video and Podcast Series In 2020, we launched the OODAcast video and podcast series designed to provide you with insightful analysis and intelligence to inform your decision making process. We do this through a series of expert interviews and topical videos highlighting global technologies such as cybersecurity, AI, quantum computing along with discussions on global risk and opportunity issues. See: The OODAcast

Amr Awadallah is widely known as a founder of Cloudera. Prior to that he was working on extreme scale data solutions for Yahoo. Most recently he was VP for Developer Relations at Google Cloud. Amr has a BS in EE from Cairo University, an MS in Computer Engineering from Cairo University, and a PhD EE from Stanford University. His experiences in tech and company leadership put him in the perfect position to help bring actionable insights to decision-makers today. Topics we discussed include: Lessons from his foundational story which can inform how to inspire the youth of today to continue pursuing their dreams and reaching for deeper understanding of the world and how it works. The world before scalable data systems and the problems with old approaches to data The breakthroughs that came with the approaches detailed in Google papers on their file system and an approach called Map Reduce. What Hadoop is The Cloudera approach of making Hadoop and related capabilities safe for enterprise use The leadership approach at Cloudera Advice for founders today The biggest challenges and opportunities in enterprise IT today Views on the future of cybersecurity A discussion on the metaverse and what comes next

Sir David Omand is one of the most respected intelligence professionals in the world and author of the book How Spies Think: Ten lessons in intelligence. His career in intelligence began shortly after graduating from Cambridge in 1969 when he joined the UK's GCHQ (Government Communications Headquarters). He would later become the director of GCHQ. He also served as the first UK Security and Intelligence Coordinator, the most senior intelligence, counter-terror and homeland security position in the UK. In this OODAcast we discuss lessons in leadership from his time in the intelligence service and his views on the current threat environment, including threats to nations, corporations and citizens of the free world. We also examine how his time in intelligence informed his own models for understanding and analyzing complex situations and how this motivated him to write How Spies Think. We examine concepts critical to any corporate or government intelligence organization, including: The need to understand history for critical context (Like Churchill put it, "the further back you look, the further ahead you can see"). Why trained defense lawyers can make good deception planners How to find balance between being separate enough from decision-makers so they do not bias you but close enough so you can know their plans and know how to influence them The importance of building trust throughout the organization and with partners and consumers The new realities of the information age, including new tools at the disposal of adversaries New mental models for analysis The interview also examines Omand's lessons by use of a framework he developed to capture the essence of how intelligence analysts and operational decision makers can deal with the modern information environment through perception and analysis. He calls this the SEES model. SEES stands for: Situational Awareness: A baseline understanding of the situation gained through observation. Explanation: Contextualizing facts so they can be better understood. Estimation: The formal methods used to articulate what is known and what may be coming. Strategic Notice: The provision of actionable insights to decision-makers. This model is examined in the context of both history and current operations in a way that can inform how intelligence is used not only by governments but by businesses and citizens. Related Resources How Spies Think: Ten lessons in intelligence Sir David Omand on LinkedIn Black Swans and Gray Rhinos Now more than ever, organizations need to apply rigorous thought to business risks and opportunities. In doing so it is useful to understand the concepts embodied in the terms Black Swan and Gray Rhino. See: Potential Future Opportunities, Risks and Mitigation Strategies in the Age of Continuous Crisis Cybersecurity Sensemaking: Strategic intelligence to inform your decisionmaking The OODA leadership and analysts have decades of experience in understanding and mitigating cybersecurity threats and apply this real world practitioner knowledge in our research and reporting. This page on the site is a repository of the best of our actionable research as well as a news stream of our daily reporting on cybersecurity threats and mitigation measures. See: Cybersecurity Sensemaking Corporate Sensemaking: Establishing an Intelligent Enterprise OODA's leadership and analysts have decades of direct experience helping organizations improve their ability to make sense of their current environment and assess the best courses of action for success going forward. This includes helping establish competitive intelligence and corporate intelligence capabilities. Our special series on the Intelligent Enterprise highlights research and reports that can accelerate any organization along their journey to optimized intelligence. See: Corporate Sensemaking

Jessica Gulick is widely known for her leadership of the successful growth strategy and marketing firm Katzcy. She is also the Commissioner of the US Cyber Games, a multi-phased cybersecurity program recruiting a US Cyber Team for international competition. She is also the founder of PlayCyber, a new business line promoting cyber games and tournaments. Jessica is also the president of the board at the Woman's Society of Cyberjutsu and a driving force behind their Wicked6 cyber games. In this OODAcast we discuss Jessica's background as a cybersecurity practitioner (she is a 20-year veteran in the cybersecurity industry with proven experience in starting businesses, leading cross-functional cyber teams, co-authoring NIST Special Publications, capturing commercial and government business and running epic cybersecurity games and tournaments). We exam her passion for cybersecurity as an esport where players, fans, and companies can collaborate. We also discuss her leadership style and how that translates to her focus on helping the community as a strong advocate for diversity in the workforce. While examining Jessica's successes and lessons learned she revealed early lessons from mentors that shaped her approach to cybersecurity and continuous learning. We also learned how pursuit of the designation known as PMP ended up shaping her personal mental models and contributed to her ability to get things done. Jessica also discusses a lesson she learned from her son that will resonate with anyone seeking insights into success in the field of business. Related Reading: US Cyber Games: A multi-phased cybersecurity program featuring a US team and international competition. Katcy: A woman-owned growth strategy and marketing firm. PlayCyber: A new business line promoting cyber games and tournaments. Black Swans and Gray Rhinos Now more than ever, organizations need to apply rigorous thought to business risks and opportunities. In doing so it is useful to understand the concepts embodied in the terms Black Swan and Gray Rhino. See: Potential Future Opportunities, Risks and Mitigation Strategies in the Age of Continuous Crisis Cybersecurity Sensemaking: Strategic intelligence to inform your decisionmaking The OODA leadership and analysts have decades of experience in understanding and mitigating cybersecurity threats and apply this real world practitioner knowledge in our research and reporting. This page on the site is a repository of the best of our actionable research as well as a news stream of our daily reporting on cybersecurity threats and mitigation measures. See: Cybersecurity Sensemaking Corporate Sensemaking: Establishing an Intelligent Enterprise OODA's leadership and analysts have decades of direct experience helping organizations improve their ability to make sense of their current environment and assess the best courses of action for success going forward. This includes helping establish competitive intelligence and corporate intelligence capabilities. Our special series on the Intelligent Enterprise highlights research and reports that can accelerate any organization along their journey to optimized intelligence. See: Corporate Sensemaking Artificial Intelligence Sensemaking: Take advantage of this mega trend for competitive advantage This page serves as a dynamic resource for OODA Network members looking for Artificial Intelligence information to drive their decision-making process. This includes a special guide for executives seeking to make the most of AI in their enterprise. See: Artificial Intelligence Sensemaking COVID-19 Sensemaking: What is next for business and governments From the very beginning of the pandemic we have focused on research on what may come next and what to do about it today. This section of the site captures the best of our reporting plus daily daily intelligence as well as pointers to reputable information from other sites. See: OODA COVID-19 Sensemaking Page. Space Sensemaking: What does your business need to know now A dynamic resource for OODA Network members looking for insights into the current and future developments in Space, including a special executive's guide to space. See: Space Sensemaking The OODAcast Video and Podcast Series In 2020, we launched the OODAcast video and podcast series designed to provide you with insightful analysis and intelligence to inform your decision making process. We do this through a series of expert interviews and topical videos highlighting global technologies such as cybersecurity, AI, quantum computing along with discussions on global risk and opportunity issues. See: The OODAcast

Lance Mortlock is a Senior EY Strategy Partner. He is author of the book Disaster Proof: Scenario Planning for Post Pandemic Future, which explores ways scenario planning can help organizations be more resilient. This is a must-read book for anyone in the Risk Management field. It provides practical advice for strategists, planners, executives and board members on how to ask better questions related to the future, uncertainty, risk and strategy. In this OODAcast, we ask Lance for insights into what planners can learn from major global events from the last few decades and how scenario planning can help organizations prepare for the big shocks. Scenario Planning goes beyond simple strategy development and strategic planning. Strategic plans are almost never agile enough for the real world. Scenario planning helps organizations prepare for increasing levels of global uncertainty and complexity. When done well it results in playbooks that can help speed decision-making in the moment. Scenario Planning originated with the military and has been firmly rooted in military strategy and is continually leveraged at major military staff headquarters to map out potential futures. Students of military history may know of famous scenario planners like Herman Kahn of RAND. Kahn had met with a forward thinking executive at Shell, Pierre Wack, who became the first business leader to adapt scenario planning commercially. Lance discusses how many corporations since then have leveraged scenario planning to anticipate futures and prepare for both increased risk and opportunities. Lessons we learned from Lance include: Expected outcomes from scenario planning Repeatable methods to get the most from planning sessions How Lance's methods of scenario planning for corporations can be translated to scenario planning for individuals (which makes for some excellent career advice) Potential scenarios involving the impact of Covid-19 on the global business environment What could be the next big disruptive event The uncertainty and complexity and potential risks and opportunities associated with Artificial Intelligence Related Reading: Disaster Proof: Scenario Planning for a Post-Pandemic Future Lance Mortlock on LinkedIn Black Swans and Gray Rhinos Now more than ever, organizations need to apply rigorous thought to business risks and opportunities. In doing so it is useful to understand the concepts embodied in the terms Black Swan and Gray Rhino. See: Potential Future Opportunities, Risks and Mitigation Strategies in the Age of Continuous Crisis Cybersecurity Sensemaking: Strategic intelligence to inform your decisionmaking The OODA leadership and analysts have decades of experience in understanding and mitigating cybersecurity threats and apply this real world practitioner knowledge in our research and reporting. This page on the site is a repository of the best of our actionable research as well as a news stream of our daily reporting on cybersecurity threats and mitigation measures. See: Cybersecurity Sensemaking Corporate Sensemaking: Establishing an Intelligent Enterprise OODA's leadership and analysts have decades of direct experience helping organizations improve their ability to make sense of their current environment and assess the best courses of action for success going forward. This includes helping establish competitive intelligence and corporate intelligence capabilities. Our special series on the Intelligent Enterprise highlights research and reports that can accelerate any organization along their journey to optimized intelligence. See: Corporate Sensemaking Artificial Intelligence Sensemaking: Take advantage of this mega trend for competitive advantage This page serves as a dynamic resource for OODA Network members looking for Artificial Intelligence information to drive their decision-making process. This includes a special guide for executives seeking to make the most of AI in their enterprise. See: Artificial Intelligence Sensemaking COVID-19 Sensemaking: What is next for business and governments From the very beginning of the pandemic we have focused on research on what may come next and what to do about it today. This section of the site captures the best of our reporting plus daily daily intelligence as well as pointers to reputable information from other sites. See: OODA COVID-19 Sensemaking Page. Space Sensemaking: What does your business need to know now A dynamic resource for OODA Network members looking for insights into the current and future developments in Space, including a special executive's guide to space. See: Space Sensemaking Quantum Computing Sensemaking OODA is one of the few independent research sources with experience in due diligence on quantum computing and quantum security companies and capabilities. Our practitioner's lens on insights ensures our research is grounded in reality. See: Quantum Computing Sensemaking. The OODAcast Video and Podcast Series In 2020, we launched the OODAcast video a

Each year, there are one or two books that deeply resonate with me and become sticky in that I'm thinking about the book often, bringing it up in conversations, and sending out unsolicited recommendations for executives and researchers in my network to check it out. Jer Thorp's "Living in Data: A Citizen's Guide to a Better Information Future" was that book for me in 2021 so I was delighted to host Jer for a conversation on the OODAcast. Jer Thorp is an artist, writer and teacher living in New York City. He is best known for designing the algorithm to place the nearly 3,000 names on the 9/11 Memorial in Manhattan. Jer was the New York Times' first Data Artist in Residence, is a National Geographic Explorer, and in 2017 and 2018 served as the Innovator in Residence at the Library of Congress. Jer is one of the world's foremost data artists, and is a leading voice for the ethical use of big data. Jer is like the Indiana Jones of data, thriving not only in the realm of data analysis, but traveling the world to explore new ways to bring data into our local and global decision-making process. In this OODAcast, we go deep on a variety of issues to include: Jer's origin story and career experience The risks of data bias, adjacencies, and exclusion The role of data in understanding our relationship with nature How we envision and build better futures Working as citizens to derive benefit from our own data to improve our lives Lots of great stories about his data adventures and lessons learned along the way including how he was almost killed by a hippo Additional Bio Details: Jer's data-inspired artwork has been shown around the world, including most recently in New York's Times Square, at the Museum of Modern Art in Manhattan, at the Ars Electronica Center in Austria, and at the National Seoul Museum in Korea. His work has also appeared in a wide variety of publications, including Scientific American, The New Yorker, Popular Science, Fast Company, Business Week, Popular Science, Discover, WIRED and The Harvard Business Review. Jer's talks on TED.com have been watched by more than a half-million people. He is a frequent speaker at high profile events such as PopTech, and The Aspen Ideas Festival. Recently, he has spoken about his work at MIT's Media Lab, The American Museum of Natural History, MoMA, and NASA's Jet Propulsion Lab (JPL) in Pasadena. Jer is a Rockefeller Foundation Fellow, and an alumnus of the World Economic Foundation's Global Agenda Council on Design and Innovation. He is an adjunct Professor in New York University's renowned Interactive Telecommunications Program (ITP), and is the Co-Founder of The Office for Creative Research. In 2015, Canadian Geographic named Jer one of Canada's Greatest Explorers. Related Resources: Jer's Website Living in Data Book Atlas of AI

Dr. Tony Tether was the director of the Defense Advanced Research Projects Agency, DARPA, from 2001 till his retirement in 2009. DARPA is widely known for being the principle agency in DoD for research and development. DARPA is charged with investing in projects that aim for high-payoff. They fund innovative ideas, develop solutions, provide demonstrations of concepts and systems and take any other prudent action required to move the right ideas from concept to reality. In this OODAcast we examine some of Dr. Tether's formative experiences, including a very unique job he held while awaiting entry to Stanford. He was a door to door salesman and while doing that learned the importance of quickly assessing challenges that were not being addressed and then forming an ability to express what needs to be done and how to do it quickly. As we hear in the discussion, this type of approach, very consistent with the famous "Heilmeier Catechism", ended up producing a wide range of DARPA breakthroughs, including one that is now in every cell phone in the globe (next time you use your cell phone's mapping and location services, remember to thank the Fuller Brush company!). Dr. Tether also walks us through a brief history of DARPA and dives deeper into the questions Heilmeier is so famous for articulating as a requirement before funding advanced capabilities: What is the problem you want to solve? Articulate your objectives using absolutely no jargon. How is it done today, and what are the limits of current practice? What's new in your approach and why do you think it will be successful? Who cares? If you're successful, what difference will it make?(transition) What are the risks and the payoffs? How much will it cost? How long will it take? What are the midterm and final "exams" (go/no go criteria)to check for success? Other topics we discussed with Dr. Tether include: Recent proposals to double the funding of DARPA and why that may be a bad idea Concepts around cybersecurity and mitigating risks to enterprises and the nation of intellectual property theft Leadership in an age of converging technology Slides Dr. Tether Reviewed in this OODAcast are at this link: Dr. Tether Presentation Related Reading: Black Swans and Gray Rhinos Now more than ever, organizations need to apply rigorous thought to business risks and opportunities. In doing so it is useful to understand the concepts embodied in the terms Black Swan and Gray Rhino. See: Potential Future Opportunities, Risks and Mitigation Strategies in the Age of Continuous Crisis Cybersecurity Sensemaking: Strategic intelligence to inform your decisionmaking The OODA leadership and analysts have decades of experience in understanding and mitigating cybersecurity threats and apply this real world practitioner knowledge in our research and reporting. This page on the site is a repository of the best of our actionable research as well as a news stream of our daily reporting on cybersecurity threats and mitigation measures. See: Cybersecurity Sensemaking Corporate Sensemaking: Establishing an Intelligent Enterprise OODA's leadership and analysts have decades of direct experience helping organizations improve their ability to make sense of their current environment and assess the best courses of action for success going forward. This includes helping establish competitive intelligence and corporate intelligence capabilities. Our special series on the Intelligent Enterprise highlights research and reports that can accelerate any organization along their journey to optimized intelligence. See: Corporate Sensemaking Artificial Intelligence Sensemaking: Take advantage of this mega trend for competitive advantage This page serves as a dynamic resource for OODA Network members looking for Artificial Intelligence information to drive their decision-making process. This includes a special guide for executives seeking to make the most of AI in their enterprise. See: Artificial Intelligence Sensemaking COVID-19 Sensemaking: What is next for business and governments From the very beginning of the pandemic we have focused on research on what may come next and what to do about it today. This section of the site captures the best of our reporting plus daily daily intelligence as well as pointers to reputable information from other sites. See: OODA COVID-19 Sensemaking Page. Space Sensemaking: What does your business need to know now A dynamic resource for OODA Network members looking for insights into the current and future developments in Space, including a special executive's guide to space. See: Space Sensemaking Quantum Computing Sensemaking OODA is one of the few independent research sources with experience in due diligence on quantum computing and quantum security companies and capabilities. Our practitioner's lens on insights ensures our research is grounded in reality. See: Quantum Computing Sensemaking. The OODAcast Video and Podcast Series In 2020, we launched the OODAcast video an

In this OODAcast, we talk with renowned counter-terrorism expert and career clandestine services professional Cofer Black. Cofer is best known for having been the Director of the CIA's Counterterrorism Center on 9/11 and having been part of the intelligence community warning about the near-term threat of terrorism in the United States prior to the attacks. However, his pedigree in counterterrorism issues was well established with a distinguished career in the field in high-risk areas and operations. During our discussion Cofer provides insight on a variety of issues including: How his childhood experiences traveling around Africa equipped him for the clandestine services. What it was like to be tracking al Qaeda prior to 9/11. How AQ planned to assassinate him during a high risk tour of duty overseas. How to speak truth to power and what he learned trying to provide early warning prior to 9/11. Lessons learned on leadership from a career in the intelligence community and private sector Cofer's Full Bio: Ambassador Black has had a distinguished 28-year career in the Directorate of Operations at the Central Intelligence Agency including serving as the Director of the CIA Counterterrorist Center during the 9/11 terrorist attacks. In this capacity he served as the CIA Director's Special Assistant for Counterterrorism as well as the National Intelligence Officer for Counterterrorism. Ambassador Black was also appointed as the first State Department Coordinator for Counterterrorism with the designation of Ambassador at Large. During his CIA career, Ambassador Black served six foreign tours in field management positions. In 1995, Ambassador Black was named the Task Force Chief in the Near East and South Asia Division. From June 1998 through June 1999 he served as the Deputy Chief of the Latin America Division. After his government service, Ambassador Black transitioned to the private sector and served as Vice President for Global Operations at Blackbird Raytheon Technologies and as Vice Chairman of Blackwater Worldwide and as Chairman of Total Intelligence Solutions. In addition to numerous exceptional performance awards and meritorious citations, Ambassador Black received the Distinguished Intelligence Medal, the George H. Bush Medal for Excellence, and the Exceptional Collector Award for 1994.

Gaurav Banga is the Founder and CEO of Balbix, and serves on the boards of several companies. Before Balbix, Gaurav was the Co-founder & CEO of Bromium and led the company from inception for over 5 years. Earlier in his career, he served in various executive roles at Phoenix Technologies and Intellisync Corporation, and was Co-founder and CEO of PDAapps, acquired by Intellisync in 2005. Dr. Banga started his industry career at NetApp. Gaurav has a PhD in CS from Rice University, and a B.Tech. in CS from IIT Delhi. He is a prolific inventor with over 70 patents. In this OODAcast we talk to Gaurav about things his clients tell him are their most important priorities and gain insights modern technologists and business leaders can use to mitigate the growing cyber threats to businesses. We also examine Gaurav's views on the importance of mentors and get specific advice on how to find and leverage the right talent in a startup environment. As CEO of Balbix, Gaurav leads a team focused on providing organizations with comprehensive real-time views into breach risk. This is a daunting challenge but by applying an extensive array of well engineered AI and ML algorithms and well thought out architectures and visualizations (integrated into the workflow of decision-makers at all levels), they have met the challenge in new and very virtuous ways. For more on Balbix see: Balbix Related Reading: Cybersecurity Sensemaking: Strategic intelligence to inform your decisionmaking The OODA leadership and analysts have decades of experience in understanding and mitigating cybersecurity threats and apply this real world practitioner knowledge in our research and reporting. This page on the site is a repository of the best of our actionable research as well as a news stream of our daily reporting on cybersecurity threats and mitigation measures. See: Cybersecurity Sensemaking Corporate Sensemaking: Establishing an Intelligent Enterprise OODA's leadership and analysts have decades of direct experience helping organizations improve their ability to make sense of their current environment and assess the best courses of action for success going forward. This includes helping establish competitive intelligence and corporate intelligence capabilities. Our special series on the Intelligent Enterprise highlights research and reports that can accelerate any organization along their journey to optimized intelligence. See: Corporate Sensemaking Artificial Intelligence Sensemaking: Take advantage of this mega trend for competitive advantage This page serves as a dynamic resource for OODA Network members looking for Artificial Intelligence information to drive their decision-making process. This includes a special guide for executives seeking to make the most of AI in their enterprise. See: Artificial Intelligence Sensemaking COVID-19 Sensemaking: What is next for business and governments From the very beginning of the pandemic we have focused on research on what may come next and what to do about it today. This section of the site captures the best of our reporting plus daily daily intelligence as well as pointers to reputable information from other sites. See: OODA COVID-19 Sensemaking Page. Space Sensemaking: What does your business need to know now A dynamic resource for OODA Network members looking for insights into the current and future developments in Space, including a special executive's guide to space. See: Space Sensemaking Quantum Computing Sensemaking OODA is one of the few independent research sources with experience in due diligence on quantum computing and quantum security companies and capabilities. Our practitioner's lens on insights ensures our research is grounded in reality. See: Quantum Computing Sensemaking. The OODAcast Video and Podcast Series In 2020, we launched the OODAcast video and podcast series designed to provide you with insightful analysis and intelligence to inform your decision making process. We do this through a series of expert interviews and topical videos highlighting global technologies such as cybersecurity, AI, quantum computing along with discussions on global risk and opportunity issues. See: The OODAcast

This week's OODAcast is with Kim Zetter, an incredibly well respected journalist who has been covering cybersecurity related issues for two decades. Matt Devost talks with Kim about a wide variety of cyber-related issues including a deep dive into Stuxnet and the implications for today's security environment. Kim also shares details as to how she got into the field and how she developed relationships with the hacker community via her longstanding attendance at Def Con. Kim is an award-winning investigative journalist and author who has covered cybersecurity and national security for more than a decade, most recently as a staff writer for WIRED. Her work has also appeared in the New York Times Magazine, Politico, Washington Post and others. She has broken numerous stories about NSA surveillance, WikiLeaks, and the hacker underground, including an award-winning series about security problems with electronic voting machines. She has four times been voted one of the top ten security journalists in the U.S. by her journalism peers. She's considered one of the world's experts on Stuxnet, a virus/worm used to sabotage Iran's nuclear program, and wrote an acclaimed book on the topic – Countdown to Zero Day: Stuxnet and the Launch of the World's First Digital Weapon. Additional Resources: Countdown to Zero Day book Kim's Zero Day Substack Def Con hacker conference

In this OODAcast we provide insights into Zero Trust architectures from an experienced practitioner, Junaid Islam. Junaid is a senior partner at OODA. He has over 30 years of experience in secure communications and the design and operations of highly functional enterprise architectures. He founded Bivio Networks, maker of the first gigabyte speed general purpose networking device in history, and Vidder, a pioneer in the concept of Software Defined Networking. Vidder was acquired by Verizon to provide Zero Trust capability for their 5G network. Junaid has supported many US national security missions from Operation Desert Shield to investigating state-sponsored cyberattacks. He has also led the development of many network protocols including Multi-Level Precedence and Preemption (MLPP), MPLS priority queuing, Mobile IPv6 for Network Centric Warfare and Software Defined Perimeter for Zero Trust. Recently Junaid developed the first interference-aware routing algorithm for NASA's upcoming Lunar mission. He writes frequently on national security topics for OODAloop.com. We discuss Junaid's approaches to zero trust networking. His approach is to always start with the needs of the business. From there he works with organizations to ensure a comprehensive assessment of the existing architecture is done, since every organization already has some elements of a zero trust approach in play. Junaid highlights that one of the biggest mistakes he sees organizations make is skipping this gap analysis and moving right to purchase of products or services. This frequently ends up being a negative to the project. Today's global businesses operate with many partners, providers and suppliers and zero trust designs must be established with this unique mix in mind to optimize the use of technology in support of core business needs. Junaid provides insights into many of the products he encounters in zero trust architecture work. Related Reading: Cybersecurity Sensemaking: Strategic intelligence to inform your decisionmaking The OODA leadership and analysts have decades of experience in understanding and mitigating cybersecurity threats and apply this real world practitioner knowledge in our research and reporting. This page on the site is a repository of the best of our actionable research as well as a news stream of our daily reporting on cybersecurity threats and mitigation measures. See: OODA Cybersecurity Sensemaking From Solar Sunrise to Solar Winds: The Questionable Value of Two Decades of Cybersecurity Advice While the Ware Report of 1970 codified the foundations of the computer security discipline, it was the President's Commission on Critical Infrastructure Protection report of 1997 that expanded those requirements into recommendations for both discrete entities as well as the nascent communities that were growing in and around the Internet. Subsequent events that were the result of ignoring that advice in turn led to the creation of more reports, assessments, and studies that reiterate what was said before. If everyone agrees on what we should do, why do we seem incapable of doing it? Alternately, if we are doing what we have been told to do, and have not reduced the risks we face, are we asking people to do the wrong things? See: From Solar Sunrise to Solar Winds: The Questionable Value of Two Decades of Cybersecurity Advice If SolarWinds Is a Wake-Up Call, Who's Really Listening? As the U.S. government parses through the Solar Winds software supply chain breach, many questions still remain as to the motive, the entities targeted, and length of time suspected nation state attackers remained intrenched unseen by the victims. The attack stands at the apex of similar breaches in not only the breadth of organizations compromised (~18,000), but how the attack was executed. See: If SolarWinds Is a Wake-Up Call, Who's Really Listening? Executive Level Action In Response to Ongoing Massive Attacks Leveraging Microsoft Vulnerabilities This post provides executive level context and some recommendations regarding a large attack exploiting Microsoft Exchange, a system many enterprises use for mail, contact management, calendar/scheduling and some basic identity management functions. This attack is so large and damaging it is almost pushing the recent Solar Winds attacks off the headlines. Keep in mind that till this point, the Solar Winds attack was being called the biggest hack in history. So this is a signal that the damage from this one will also be huge. See: Executive Level Action In Response to Ongoing Massive Attacks Leveraging Microsoft Vulnerabilities

Bryson Bort is the Founder of SCYTHE, a start-up building a next generation attack emulation platform, and GRIMM, a boutique cybersecurity consultancy. He is widely known in the cybersecurity community for helping advance concepts of defense across multiple critical domains. He is the co-founder of the ICS Village, a non-profit advancing awareness of industrial control system security. Bryson is also a Senior Fellow for Cybersecurity and National Security at R Street and the National Security Institute and an Advisor to the Army Cyber Institute. In this OODAcast we examine approaches Bryson has seen make positive differences in evaluating and mitigating risks to enterprises, specifically in the domain of adversary emulation. The discussion covers: A practitioner's view of the state of cybersecurity The demise of the perimeter as a security control What leaders need to know to mitigate risk Attack, Detect and Response tools and how their automation can help continuously mitigate risks Mitre ATT&CK and how to use it to help frustrate adversaries Assisting Blue Teams, Purple Teams and Red Teams with tooling The use of cyber threat intelligence to inform automated adversary emulation More on cybersecurity: Ransomware: An update on the nature of the threat The technology of ransomware has evolved in sophistication and the business models of the criminal groups behind it have as well. The result: The threat from ransomware has reached pandemic proportions. This post provides an executive level overview of the nature of this threat. It is designed to be read as an introduction to our accompanying post on how to mitigate the threat of ransomware to your organization. See: Ransomware, an update on the nature of the threat China's Plan for Countering Weaponized Interdependence In an article entitled "The international environment and countermeasures of network governance during the "14th Five-Year Plan" period" by Xu Xiujun (徐秀军) in the February 27, 2021 edition of China Information Security, we see the continuation of China's concerns over Weaponized Interdependence and China's desire to shape a global technology and economic environment that is less influenced by Western power. Xiujun identifies concerns in several interconnected areas including cybersecurity, economic centralization, and advancement in technologies like AI, Quantum, and 5G. See: China's Plan for Countering Weaponized Interdependence If SolarWinds Is a Wake-Up Call, Who's Really Listening? As the U.S. government parses through the Solar Winds software supply chain breach, many questions still remain as to the motive, the entities targeted, and length of time suspected nation state attackers remained intrenched unseen by the victims. The attack stands at the apex of similar breaches in not only the breadth of organizations compromised (~18,000), but how the attack was executed. See: If SolarWinds Is a Wake-Up Call, Who's Really Listening? Russian Espionage Campaign: SolarWinds The SolarWinds hacks have been described in every media outlet and new source, making this incident perhaps the most widely reported cyber incident to date. This report provides context on this incident, including the "so-what" of the incident and actionable insights into what likely comes next. Russian Espionage Campaign: SolarWinds The Cyber Threat to NASA Artemis Program: NASA is enabling another giant leap for humanity. With the Artemis program, humans will return to the Moon in a way that will enable establishment of gateways to further exploration of not just the Moon but eventually the entire solar system. The initial expenses of the program will return significant advances for scientific understanding and tangible economic returns. As Artemis continues, the project will eventually deliver improvements for humanity that as of yet have only been dreamed of. But there are huge threats. For more see: The Cyber Threat To Artemis Security In Space and Security of Space: The last decade has seen an incredible increase in the commercial use of space. Businesses and individual consumers now leverage space solutions that are so integrated into our systems that they seem invisible. Some of these services include: Communications, including very high-speed low latency communications to distant and mobile users. Learn more at: OODA Research Report: What Business Needs To Know About Security In Space Also see: Is Space Critical Infrastructure, and the special report on Cyber Threats to Project Artemis, and Mitigating Threats To Commercial Space Satellites

Trond Undheim is a futurist, investor, consultant, executive, speaker, entrepreneur and podcaster. He produces widely impactful podcasts: Futurized, which tracks the underlying forces of disruption in tech, policy, business models, social dynamics and the environment, and Augmented, which reveals stories behind the new era of industrial operations. Trond is trained as a social scientist with a career in technology and innovation, and is the author of a string of books helping make sense of the dynamics at the nexus of multiple technology and societal trends, his most recent book, Future Tech, was just released. Future Tech provides a framework designed to help all of us understand and capture value from disruptive industry trends. The book explains how four sources of technology, policy, business models and social dynamics work together and how they are shaped by complex interactive environments. More importantly, the book provides recommendations and concepts for how to apply understanding of these disruptive forces to analysis. In the discussion we gain insights on how to apply Trond's framework to inform decisions being made today. Additional Resources Futurized Augmented Future Tech

Jeremy King is a trusted advisor to corporate boards and some of the nation's most elite business leaders. He is also a serial connector helping move business information on opportunities at the intersection of talent, capital, entrepreneurs and business development. Jeremy is an entrepreneur himself, creating successful executive search firms and also a game-changing non-profit we will talk a bit about later called MissionLink. Today Jeremy is the founder and President of Benchmark Executive Search. For more than 20 years, Jeremy has played a strategic role in building the leadership organizations for more than 400 growth companies, including noteworthy publicly-traded success stories. Jeremy has helped transition and guide hundreds of top federal executives and flag-officers into private sector, consulting, and board roles. In this OODAcast we discuss: A succinct articulation of the difference in leadership and management Jeremy's view on what makes a great leader How Jeremy sets about to find a leader for placement in high caliber organizations Ways we can all become better leaders Reasons to study leadership in history, including some of Jeremy's favorite historical leaders Cybersecurity and leadership, including what high performing companies are asking Jeremy to help them with in this domain The growing need for board members with cybersecurity leadership skills The non-profit MissionLink organization Jeremy co-founded The best books on Leadership An exemplar of one of the great leaders Related Resources: Benchmark Executive Search

Ben Ford is the founder of Commando Development, a firm which leverages his deep background and experience in enterprise IT as well as his years in service as a Royal Marine to the benefit of technology teams in startups and large enterprises. In this OODAcast we discuss Ben's views on the history of Commando's, from the experiences that inspired Winston Churchill prior to his forming then in World War II up to today, capturing a surprising number of lessons for business and IT leaders today. Some discussion topics: How can Winston Churchill's decisions regarding Commando Unit reporting structure inform your decision on how your enterprise AI initiatives or cybersecurity actions are organized and led? How can the metrics of legendary Commando (and trainer of OSS) William Fairbairn inform the metrics of enterprise cybersecurity? We also examine Ben's use of the OODA Loop approach in his methodologies. He calls the OODA Loop the Algorithm of Adaptation, considering it the best mental model for thinking about how we shape and are shaped by our environments. Additional Resources: Commando Dev Algorithms of Leadership

OODA CEO Matt Devost has a track record of executing on innovation via entrepreneurship. He has extensive past performance in cybersecurity, counterterrorism, critical infrastructure protection, intelligence, and risk management issues, and deep experience in delivering value in those domains via entrepreneurship. In this OODAcast, Jen Hoar extracts lessons and insights from Matt's journey that will be relevant to creators, innovators and entrepreneurs at any stage of their journey. Some topic covered: - How will you know when it is the right time to start your business? - How should you evaluate risks of the new business endeavor? - How do you establish credibility with potential investors? What about potential clients? - How do you sell? - What is the best way to listen to potential clients? - What is your story and how do you articulate it? - What doesn't work? What common mistakes have you seen or experienced yourself? Currently, Matt is the CEO & Co-Founder of OODA LLC. Prior to OODA, Matt was the EVP for Strategy and Operations at Tulco Holdings. Previously, Mr. Devost was a Managing Director at Accenture where he led the Global Cyber Defense practice responsible for Accenture's cloud, mobile, infrastructure, network, endpoint, incident response, threat intelligence, threat hunting, vulnerability management, IOT/IIOT, and red teaming offerings. Mr. Devost joined Accenture following their 2015 acquisition of the global cybersecurity consultancy FusionX LLC where he had served as President & CEO since 2010. As a Founder of FusionX, Mr. Devost helped an international clientele identify and manage dynamic threats in complex operational environments. Additional Links: Matt's writing at OODA Loop Follow Matt on Twitter Connect with Matt on LinkedIn Subscribe to Matt's Global Frequency List Matt's Book Recommendations

Max de Groen is a managing director at Bain Capital Private Equity (one of the world's leading PE firms with over $130 billion of assets under management), where he focuses on investments in infrastructure, cybersecurity, and application software as well as internet and digital media. This means is is well positioned to help us understand more about the future of technology enabled businesses. Max joined Bain Capital Private Equity in 2010. Prior to joining Bain Capital Private Equity, Max was at The Boston Consulting Group, where he consulted in the technology, financial services, and healthcare practice areas. He also serves on the board of directors of Nutanix, and Rocket Software and has also previously been involved in Bain Capital's investments in BMC Software, Symantec, and NortonLifeLock among others. Our discussion dives into Max's views on: Due Diligence and Technology Debt (and how to evaluate it prior to an investment) Where we are in the trend towards cloud computing (in many ways the trend has just begun) The reason Bain Capital invested in Nutanix and the future of hyper converged infrastructure and hybrid cloud Hot technology sectors Bain Capital is considering investments in What sets Bain Capital apart from other investment sources (the pioneered a concept called value-added investment, they partner with management teams to help build and grow great firms) Lessons learned from investing in firms like Symantec Related Resources: Bain Capital PE A CTO's Perspective on Technology Debt in M&A

Security, Risk Management and Intelligence professionals all know of Jim Clapper. He had a long and distinguished career in the US Air Force, which included leadership spanning the Vietnam era all the way to the end of the Cold War. By the time he retired he was a three star General, leading the Director of the Defense Intelligence Agency. After retirement he would later return to government service as head of the National Imagery and Mapping Agency just three days after 9/11. In 2007 he was named the Pentagon's top intelligence official (USDI), serving as an appointee in both the Bush and Obama administrations before President Obama appointed him DNI. He is author of the book "Facts and Fears: Hard truths from a life in intelligence." In this OODAcast we sought to extract lessons from General Clapper's career relevant to intelligence professionals in and out of government. We get behind the scenes looks at the sometimes frustrating situations he was placed in early in his career and lessons that flowed from frustrations, including anecdotes that drive home the reality of what intelligence is supposed to be. Intelligence professionals in and out of government will hear first hand the dangerous temptations put on intelligence professionals to do what is easy and why the easy path can lead to irrelevance. Ever heard of a "self-licking ice cream cone?" We explore the caution of that phrase, which is a warning to not just produce intelligence for intelligence sake. Intelligence must be produced for a purpose and disseminated to those who need it. We also examine the tendency of some in the intelligence community to want to be historians, focused on exploring what happened instead of what will happen next. Reputation of military intelligence cultures are also examined. We examine cyber intelligence, and the perception of some that the intelligence community is falling into the trap of just being historians there. But we also dive into what can be done to change this situation including changes in legislation and funding and prioritization. Whether you are in commercial business intelligence or the government intelligence community there are lessons for you from the successful Osama Bin Laden raid of 2 May 2011 and we examine some of them in this OODAcast. If you are in the commercial sector and do not run your own operational military units you may be wondering what these lessons are. As you will find in the video, the success was based on being proactive about intelligence. Making assessments, seeking information, validating or refuting hypotheses, making new assessments and continually hunting for the right data. This success focused approach is required in any successful intelligence effort. We ask for insights and tips on how to provide intelligence to incredibly busy decision makers. Cut away the fluff, he says, know what two or three points to make, make them, and stop. This can be hard, it is almost always easiest to drone on. But investing in making points succinctly and clearly are key. General Clapper's management and leadership style reflects a belief that people should be treated with respect, and in most professional situations you should assume you are interacting with people that are competent and are set on doing the right thing, unless you get information that indicates otherwise. This approach comes with some risks but has helped bring out the best in teams he has led. We talk about this and many other leadership lessons including an example where his mother demonstrated to him an enduring lesson about bravery and an ability to take action at the moment needed to do the right thing. This happened in 1952 at Chitose Air Force base in Japan, and young Jim Clapper was at the Officer's club with his parents. Watching how his mother proactively worked to demonstrate that all races are welcome at her table left a mark on him he explains well in this discussion. This story is the kind of thing they make movies about, and is well worth hearing and reflecting on today. We also talk about operational intelligence, and get an excellent briefing from General Clapper on the dynamics in the geopolitical situation with China and Russia. Additional Resources in and references on Intelligence: A Practitioner's View of Corporate Intelligence: Organizations in competitive environments should continually look for ways to gain advantage over their competitors. The ability of a business to learn and translate that learning into action, at speeds faster than others, is one of the most important competitive advantages you can have. This fact of business life is why the model of success in Air to Air combat articulated by former Air Force fighter pilot John Boyd, the Observe – Orient – Decide – Act (OODA) decision loop, is so relevant in business decision-making today. Useful Standards For Corporate Intelligence: Discusses standards in intelligence, a topic that can improve the quality of all corporate intelligence eff

R "Ray" Wang is the Founder, Chairman and Principal Analyst of Silicon Valley based Constellation Research Inc., a research and advisory firm which studies disruptive business and exponential technology trends. You very likely have heard of Ray before. He is active on social media (follow him here). He is also frequently interviewed in media outlets such as the Wall Street Journal, Fox Business News, CNBC, Yahoo Finance, Cheddar, CGTN, Tech Crunch, ZDNet, Forbes, and Fortune. Ray is the co-host and co-founder of the widely watched DisrupTV, a weekly enterprise tech and leadership webcast that averages 50,000 views per episode. He's also the author of the popular business strategy and technology blog "A Software Insider's Point of View". Since 2005, Ray has delivered hundreds of live and virtual keynotes around the world that are inspiring and legendary. Wang has spoken at almost every major tech related conference, including Salesforce's Dreamforce, Adobe Summit, IBM Think, HR Tech Conference, Microsoft's Conferences, Google Next, and the sessions at Davos for various clients. Ray is a great leader, evidenced by the people he has attracted to his firm. I know many of his team and can say for a fact that they are people who can do just about anything they want (which means they are in a position to pick their boss). Ray is also an entrepreneur, and in this OODAcast provides context anyone thinking of starting out on their own should consider. One of many anecdotes he provided was an insightful recap of a conversation he had with his then boss at Forrester Research, George Forrester Colony, which made it clear to Ray that he faced a choice. He could work at a place that wanted to motivate him to be as average as possible or he could go out on his own and create his future himself. Ray is one of the most prolific writers and thinkers in this space, which includes bestselling books. His 2015 "Disrupting Digital Business" provided insights into ways businesses could create authentic, trustable experiences for clients and optimal experiences for employees in an age where the economy focuses less on products and services and more on experiences and outcomes. We also ask Ray for early context on his latest book, "Everybody Wants to Rule The World", which brings new lessons on surviving and thriving in a world of digital giants like Amazon, Google and Facebook. The book may help you steer your business to success in an age where many will be crushed by the powerful forces unleashed by large firms like these. Why read this book? Because if you don't, you may well be crushed. Imagine the incredibly tech savvy Dominos Pizza, who really should be lauded for their embracing new technologies and disrupting the pizza business through technology. But now are in total danger of being crushed by an amazing, but previously unforseen model, which enables firms by companies that don't have stores, that don't sell pizzas, and don't have their own drivers, but that can deliver. The food aggregators, like postmates , Doordash etc, don't have to invest the capital to make pizza in order to make money from the transaction. This is just one of many examples, Ray also tells us how to crush LG and Samsung, for example, using the new approaches to platform based dynamics. We ask Ray for his insights on many other tech topics, including quantum computing, quantum security (he says it is like running a bulldozer over a thatch hut), Bitcoin and Cryptocurrencies. Additional Resources: Constellation Research Ray Wang on LinkedIn Everybody Wants to Rule The World Disrupting Digital Business

Lisa J. Porter has successfully lead some of the world's largest and most critical technology efforts. Her career started with a focus on academic rigor in pursuit of some of the toughest degrees, a B.S. in Nuclear Engineering from MIT and a PhD in Applied Physics from Stanford. She would later lecture at MIT and then became a researcher for DARPA related projects, eventually becoming a DARPA program manager. Dr. Porter would later lead NASA's Aeronautics Portfolio, would become the first Director of the Intelligence Community's IARPA, became President at Teledyne Scientific and an EVP at In-Q-Tel, and then was named to be the Deputy Under Secretary of Defense for Research and Engineering, an office which is essentially the CTO for the entire Department of Defense. She now co-leads a consultancy she formed with Michael Griffin (LogiQ). In this OODAcast we explore Lisa's approach to leadership in the technology domain. Some themes from the discussion: Her comments throughout point to an ability to focus and decide what she would pursue with a determination to accomplish her goals. For example, early on she had a determination to dig into topics associated with solutions around future energy needs and pursued her undergraduate in nuclear engineering. She later acted on a determination to support national security. Like many others she faced a changing moment when the attacks of 9/11 happened. We review how Tony Tether looked her in the eye and convinced her to make the right choice and knew it was time to change. Through her career she was continually placed in situations where she needed to adapt and overcome and in every case rose to the occasion. She recounted several situations in her early career where she learned from role models, including previous generations of great technology leaders like George Heilmeier (famous for Heilmeier's Rules, which are pasted below), and Tony Tether. We discussed how some technologists are fantastic individual contributors but are not so good at leadership, and learn lessons on how we can all get better in our individual leadership abilities. We saw example after example of ways leaders are able to seek out others to learn from including learning how to do things differently. Technology leaders Lisa looked up to frequently had to take courageous stances because they knew they needed to and this theme of courage is one that applies to leaders across multiple domains of course, but in this case we dive in to examples Heilmeier and others gave Lisa. How to push for quality and setting standards and being willing to understand that some people might not like what you are doing and may not like you at all. This means it is never going to be easy to take on the role of leader. Strategies for avoiding mediocrity and pursuing excellence through application of leadership principles. Lessons in creating new organizations in government and the knife fights that come with that (and need for courage, clarity and transparency and drive to bring new capabilities into existence). The virtuous role of In-Q-Tel and the phenomenal job being done by Chris Darby and his team ( There is a secret to success discussed here that will almost certainly apply to any other organization that wants to perform at this level). Advice for CEOs on how to bring capabilities to the attention of government. How can leaders of large organizations generate positive change (using the example of DoD's need to pursue new strategy and actions around 5G). The one true job of a leader. Her view on securing systems "I have never seen a secure system, nor have you or anyone else." She underscored how the approach now known as zero trust is one she strongly endorses because it flows from the approaches used by the savvy for years, including the approach of the intelligence community operators who had to learn to operate in domains of no trust (see, for example, the Moscow Rules of Cybersecurity). Her view, yes raise defenses, but know that trust is a vulnerability and employe the zero trust philosophy. What is she reading? Marcus Aurelius and his meditations, which she most strongly recommends for its context and its inspiration. And Sapiens by Harari. Heilmeier's Rules: Lisa discussed the courage she saw in leaders like George Heilmeier, including the courage to stand up to large interests that will try to push there parochial interests through decision-makers, at times trying to do so by throwing their weight around or bully or seek to claim some ultimate wisdom. One of the way Heilmeier dealt with that was to force all who came to DARPA with a new idea or request to answer a set of very simple to understand questions which are still in use today. These simple questions, now called Heilmeier's catechism or Heilmeier's rules, were not always simple to answer, especially if an idea was not firmly rooted. They are: What are you trying to do? Articulate your objectives using absolutely no jargon. How is it done today, and

Nate Fick's career has been eclectic, but with a common element of demonstrating superior leadership abilities in a diverse array of successful opportunities. Nate is currently a General Manager at Elastic, having joined the firm with their acquisition of Endgame where he served as CEO. Graduating from Dartmouth, Nate took an unconventional path of joining the military and serving as a USMC officer leading some of the first U.S. troop deployments into Afghanistan and Iraq after the September 11th terrorist attacks. His service in the military is chronicled in his New York Times best selling book One Bullet Away. The book was also a Washington Post "Best Book of the Year," and one of the Military Times' "Best Military Books of the Decade." Nate also served as the head of the esteemed national security focused non-profit think tank, the Center for a New American Security and has had a ten year tenure as an operating partner at Bessemer Venture Partners. In this OODAcast, Nate shares His observations on leadership in a variety of roles Where the emerging threat landscape is going How we should focus on increasing the yield of our cybersecurity initiatives with new technologies and approaches Why he wrote his best-selling book What philosophy allowed him to adapt to change as a soldier that carried forward into his business career Podcast Version: Additional Reading: Nate's book One Bullet Away Meditations by Marcus Aurelius Drive: The Surprising Truth About What Motivates Us by Daniel H. Pink Turning the Map in Cyber Elastic Security

Lieutenant General Robert Ashley, USA (ret) was the 21st Director of the Defense Intelligence Agency (DIA). He retired in November 2020 after over 36 years of active-duty service as an intelligence officer. He had previously served as the Army's lead for all intelligence (the Army Deputy Chief of Staff, G-2), where he was the senior advisor to the Secretary of the Army and Army Chief of Staff for all aspects of intelligence, counterintelligence and security. During his long career he commanded organizations charged with gaining insights into adversary intentions and making them actionable for decision-makers. This included work overseas including six combat tours in Iraq and Afghanistan as a squadron, brigade commander, and Deputy Chief of Staff for Intelligence (J-2). Other tours included assignments leading intelligence for the Army Joint Special Operations Command; United States Central Command; and for all US forces in Afghanistan. He also led Army intelligence training and education. This OODAcast focuses on lessons for leaders of any organization, commercial, government or military. Some of the more enjoyable and interesting lessons come from being in the room with other great leaders. Imagine being in daily sessions with great's like General Mattis. Consider the lesson you would take away when you see General Mattis leveraging mentors. Time after time we see great, well read decision-makers continually seeking inputs from others, even when they have reached the pinnacle of leadership echelons. Ashely's personal approach certainly has involved mentors and he mentions many, but his methods included learning of decision-making methods from any source. He called this approach being a "student of the human condition." The military's methods of continuing to grow and mature senior leaders is also discussed. These professional methods clearly pay off and could benefit any large commercial organization as well. General Ashley is well versed in mental models and decision-making and he references many. The OODA Loop of course, but the intelligence cycle, military COA development and others are also referenced. He also provides, in hindsight, an opinion on the most important decision he made as Director of DIA, something that may well be far more important than knowing what mental models to apply to what situation. One of the early critical thinking methods the military instilled in Ashley was a deep respect for history and a need to continue to examine lessons from the past that can be applied to today. His early exposure to this critical method of learning is directly related to the constant learning through reading that many in today's officer corps embody. Some of the books that has captured his attention lately include: The Gray Eminence: Fox Conner and the Art of Mentorship. This story of Fox Conner captures the incredible influence this individual had through mentoring others to great leadership. Some who credited him with their success include George Marshall, Ike Eisenhower and George Patton. First Principles: What America's Founders Learned From the Greeks and Romans and How That Shaped Our Country. By Pulitzer Prize winning author Thomas Ricks, this book underscores the importance of knowing which lessons from history are most relevant. The Return of Great Power Rivalry: Democracy versus Autocracy From The Ancient World To The U.S. and China. Some great historical context on why Democracies are better.

Ellen McCarthy is a highly accomplished and distinguished executive whose career started as a junior analyst and ended up reaching to the very highest echelons of the US intelligence community. In this OODAcast we explore lessons learned from her journey, capturing insights that can inform actions for those at any stage of a career. Ellen's career began at the office of Naval Intelligence. She then moved to Norfolk and the Atlantic Intelligence Center (where we first met). She moved back to DC and would later lead all intelligence activities for the US Coast Guard as their director of intelligence, then joined DoD's office of the undersecretary of defense for intelligence working strategy and human capital management. Later she led the non profit public private partnership INSA (the intelligence and national security alliance), helping make that organization what it is today. She returned to government service as chief operating officer of the National Geospatial Intelligence Agency (NGA), then later led the firm Noblis as its president. Ellen was then appointed the Assistant Secretary of State for Intelligence and Research (INR), where she lead an organization famed for the highest quality of analysis in the US IC. We examine her leadership style, which was informed by exposure to several types of leaders early on in her career. Over time she developed a knack for creating visions that could help others form up on a unified purpose. She also thrived in the domain of executive action, which could come in incredibly handy when appointed to the number three position at the National Geospatial Intelligence Agency (NGA). We discuss examples of her decision-making and tools any of us can put in place to optimize our perspectives. This includes the strong recommendation to know history. In her case she benefited from a deep dive into the history of one of the great transformational leaders of the intelligence community, Wild Bill Donovan, creator and leader of the Office of Special Services (OSS), a forerunner of the organization she would later lead, the Department of State Bureau of Intelligence and Research.

Robert Wallace spent a 33 year career with the Central Intelligence Agency and is widely known for the very well done books he and co-author Keith Melton have produced on the history, culture and tradecraft of intelligence (including the SpyCraft book which was turned into a Netflix series and the Spy Sites series of books documenting the intelligence history of Washington DC, New York and Philadelphia). This OODAcast examines Robert's career from the beginning, resulting in interesting stories and insights into his leadership and management style relevant to any leader in business or government today. His professional life began as he received an MA in Political Science from Kansas University in 1968 and then received a draft notice which resulted in his two years of service in the US Army, including service in Vietnam's Mekong Delta leading long-range reconnaissance patrol teams. In the CIA his initial assignments were as a field case officer. He rose through the ranks at the agency and was Chief of Station in three locations where he directed the full range of CIA activities. Upon returning to headquarters he worked on budgets for the agency and defended spending in front of congressional oversight committees. In 1995 Robert became deputy director of the Office of Technical Service (OTS) and in 1998 was appointed its director. The OTS is the organization most analogous to the "Q" branch in James Bond movies, responsible for creating spy devices and capabilities necessary to conduct clandestine operations with safety and security. You will find Robert's observations on both leadership and management at the CIA not only interesting but directly transferable and applicable to leading any large organization. And his insights into the value of intelligence for the nation and the value of information for companies is also brought to light. Robert's book collaboration with Keith Melton began with the 2008 book Spycraft, soon followed by The Official CIA Manual of Deception and Trickery. Their Spy Sites trilogy captures the history of American espionage from the Revolutionary War to today. Additional Resources: Spy Sites Philadelphia Spy Sites New York Spy Sites Washington DC Every Time I Get Stabbed In The Back My Fingerprints Are On The Knife Cyber Crisis: Protecting Your Business from Real Threats in the Virtual World The Splendid and the Vile

Blake Bartlett is the CEO of Janes, the well known and trusted provider of open source defense intelligence. In this OODAcast we examine lessons learned from Blake's career and path from a young student with a desire for a career in sports to success in the domain of sales. Blake believes sales is a perfect area for someone who has harnessed their passion for sports and winning and the ability to connect with people. From there he grew to leadership of several highly regarded market intelligence organizations culminating in his current role as the CEO Janes, the first and arguably most highly successful provider of open source analysis for defense intelligence. Blake's insights into success with sales is relevant across multiple domains of products and services, and has clearly served him well throughout his entire career. And his ability to connect with people and form trust based relationships has also clearly helped him as he needed to connect with customers, employees and stakeholders of Janes when he tool the helm in 2014. Janes is a widely known brand with a rich history. The firm began in 1989 when Fred T. Jane began selling encyclopedic insights and sketches of ships in the now iconic "Janes Fighting Ships". From that beginning Janes evolved into a major media publisher, then with the rise of the Internet age evolved into online services and now has evolved more into a provider of verifiable, trusted and accurate open source intelligence across defence equipment, military capabilities, security and defence budgets, markets and forecasts. Blake walks us through his assessment of the strengths of Janes when he assumed his leadership position including the trust and strength of the brand, but also spells out clearly how he recognized the need for change. The way one of his customers put it was that Janes was in danger of becoming the "Blackberry of the information industry " where data and information was the best but the hardest to find. This motivated a push to make Janes information more findable, digestible and actionable by users and resulted in the Janes of today. In the discussion we examine some of Janes more interesting capabilities including new applications available now to any analyst seeking insights in to defense capabilities and operations of nations around the world. Janes now provides streams of data to organizations that want to integrate these insights into their own systems but also provides advanced applications that enable analysts to interoperate directly with data and analysis. Their content includes: - More than 40,000 profiles of military equipment (air, land and sea) in production and use around the globe - Inventories for more than 190 countries, ORBATs for 17,700 military units and 8,900 bases - Structured, consistent database of events related to terrorism, risk and security - Defence budgets for 105 countries and procurement programmes across military aircraft, combat vehicles and military ships - Market assessments, opportunities across 19 markets and data on over 7,000 defence industry organisations - Security assessments and analysis of CBRN response capabilities, production and proliferation Janes also provides training and education on the art and tradecraft of open source intelligence and services and support to organizations seeking to operationalize Janes capabilities to optimize decision-making. For more see: Janes.com

Michele Wucker is specialist in risk management and crisis anticipation and is author of the book "The Gray Rhino: How to Recognize and Act on the Obvious Dangers We Ignore". While we've all become familiar with Taleb's concept of Black Swans, we must equally become intimately aquatinted with Wucker's Gray Rhinos as they provide more obvious opportunities for actually anticipating and managing risk. During this interview, Michele takes us through the concept of Gray Rhinos with real-world historical examples, discussion of future Gray Rhinos, and strategies for engaging in real actions to identify, respond to, and mitigate future Gray Rhinos in business, society, and global affairs. The concept of a Gray Rhino is hugely important and has become embedded in how we evaluate risks at OODA with our customers. More about Michele Applying three decades of global experience in media, finance, and non-profit management and content creation, I help decision makers take a fresh look at and improve their strategies for confronting obvious but under-addressed business and policy challenges. My next book is YOU ARE WHAT YOU RISK: The New Art and Science of Navigating an Uncertain World (Pegasus Books, April 2021). YOU ARE WHAT YOU RISK is a sequel of sorts to THE GRAY RHINO: How to Recognize and Act on the Obvious Dangers We Ignore (St Martin's Press 2016), an international bestseller with translations published in Hungary, Korea, China, Taiwan, Norway, and forthcoming in Brazil. It has been highly influential in Chinese financial risk policy. I also am the author of LOCKOUT: Why America Keeps Getting Immigration Wrong When Our Prosperity Depends on Getting It Right (Public Affairs, 2006) and WHY THE COCKS FIGHT: Dominicans, Haitians, and the Struggle for Hispaniola (FSG/Hill & Wang, 1999), a social and political history of the Dominican Republic's turbulent relationship with Haiti and the United States. Specialties: risk management, crisis anticipation, global finance, global economic trends, global risk, debt crisis, global immigration trends, economic impact of immigration, citizenship regimes, China, Latin America, Dominican Republic, Haiti, Europe, emerging markets, leadership, women. More Information: Michele's Full Bio The Gray Rhino: How to Recognize and Act on the Obvious Dangers We Ignore You Are What You Risk: The New Art and Science of Navigating an Uncertain World Michele on Twitter

Vikram Sharma is the founder and CEO of Canberra Australia based QuintessenceLabs. His company provides solutions based on quantum technology to strengthen cryptographic key creation and management at scale. This is an urgent need in this era of increasingly sophisticated cyberattacks, and key to protecting data now and into the future. Q-Labs uses the world's fastest random-number generator to create the strongest possible encryption keys, and integrates them into advanced key management and encryption capabilities, protecting banks, governments, and other enterprises around the globe. In this OODAcast we ask Vikram for his views on what every CEO, including non-technical CEOs, need to know about the world of quantum effects. He provides explanations in very clear ways that can help inform business strategies. For example, years of theory and research followed by decades of scientific experiments show these four unusual concepts at play at the quantum level: A particle can be a wave and a wave can be a particle. Two particles can behave as if they know what the other is doing, even when separated Measuring a particle changes it At totally random, unpredictable intervals, sometimes small bits of matter come into existence and then go away again Vikram provided an easy to follow description of many other aspects of this nature of reality at its lowest level, and then led us to a deeper understanding of how quantum computers leverage physics of the real world to change the ways humans can compute. For more see: Quantum Computing Sensemaking: Guide to other OODAloop research on Quantum Computing and Quantum Security. The Executive's Guide To Quantum Computing: What business decision-makers need to know now about quantum superiority The Executive's Guide To Quantum Safe Computing: Take these steps to make your enterprise quantum proof Is Quantum Computing Ushering in an Era of No More Secrets?: Context from OODA's Matt Devost on the very near future of quantum computing. What To Do About Quantum Uncertainty: Guess what, besides uncertainty at a quantum level there is great uncertainty among business and policy makers regarding Quantum Computing. AI, quantum computing and 5G could make criminals more dangerous than ever, warn police: Quantum is one of many emerging technologies that law enforcement professionals are tracking Intel offers AI breakthrough in quantum computing: This article is more about quantum simulations for AI, but shows the ecosystem that is developing around the technology Quantum Computing That Can Crack Modern Encryption More Than a Decade Away: When we see reports like this we wonder what qualifies the experts to say this. But in this case the experts are the National Academies of Sciences. Could quantum computers render current bitcoin and most blockchain cryptography powerless?: There is a worry that new algorithms that could run on quantum computing could attack blockchain and asymmetric encryption.

Rob Richer is a highly regarded advisor to international executives and global government leaders including several heads of state. Rob has a well informed perspective on international risks and opportunities and an ability to analyze and distill observations in a way that is meaningful for your decision making process. In this OODAcast we cover the current state of global and domestic affairs, key leadership and decision-making lessons learned derived from Rob's extensive CIA career. As a bonus, we talk to Rob about how the character Mitch Rapp is based upon him. Rapp is the main character in a 18 book series by the late bestselling author Vince Flynn. One of the books was also produced into the film American Assassin. Rob Richer retired in November 2005 from the Central Intelligence Agency as the Associate Deputy Director for Operations (ADDO). Prior to his assignment as the ADDO in 2004, Richer was the Chief of the Near East and South Asia Division, responsible for Clandestine Service Operations throughout the Middle East and South Asia. Mr. Richer has been awarded numerous awards and commendations from a number of foreign governments. Additionally during his Agency career, he has received commendations and awards to include the Intelligence Commendation Medal in both 1993 and 1996; the Director's Award in 2004 and in March 2006, Mr. Richer was awarded the Distinguished Career Intelligence Medal. Additional Information: Mitch Rapp Series A State of Mind: Faith and the CIA A Quiet Cadence: A Novel The Spymasters: How the CIA Directors Shape History and the Future Word of Honor

This week's OODAcast features an interview with Camila Russo, the author of the book "The Infinite Machine: How an Army of Crypto-hackers Is Building the Next Internet with Ethereum". Camila is also the founder of the Decentralized Finance (DeFi) site The Defiant, which tracks developments, emerging trends, and news in the fast moving DeFi space. In this interview, Camila shares how her experience covering fiat currency issues as a reporter for Bloomberg sparked her interest in Bitcoin and how she focused her attention on the Ethereum project early in its development. We discuss Camila's book and the emergence of Ethereum as well as the most interesting applications of Ethereum, future disruptions, and the general trends driving the DeFi space. Apologies for the dog barking. We did our best to minimize it, but a shared reality of our work-from-home existence. Camila's book was one our picks for top 10 Security, Technology, and Business books of 2020. Additional Resources: The Defiant Camila on Twitter The Infinite Machine on Amazon

Former Congressman Will Hurd joins us on this episode of OODACast to discuss what he has learned about business and entrepreneurship from a diverse career in the intelligence community, elected office and the private sector. Will has successfully leveraged the skills of a CIA operations officer in a variety of contexts, including the founding of cybersecurity firm FusionX with OODA co-founder, Matt Devost. Will most recently served in Congress as the representative for Texas' 23rd district from 2015 to 2021. In our OODACast discussion, Will provides practical, motivating guidance on how to develop new contacts and leads, cultivate client relationships, make an "ask" confidently and effectively, and close deals. He has leveraged all of these skills in his capacity as an intelligence officer overseas, a fundraiser for political office, a co-founder of FusionX, not to mention his parents' cosmetics business when he was a kid! Will explains how to prepare to meet new contacts and make client meetings purposeful. He shares that one must be specific and concrete when making an "ask" of a client, partner, donor or any professional interlocutor. He emphasizes that practicing, even role-playing, is the key to shedding the discomfort of pitching and negotiating. Tune in for this robust conversation if you want to become better at selling, negotiating and closing, and learn how from a leader in intelligence, politics and business.

Kathy and Randy Pherson both had successful careers in the US Intelligence Community, where they pioneered new analytical methods and would later help bring those methods to widespread adoption in the community. Both are also successful business leaders who created companies that build value for others. In the OODAcast we discuss the third edition of their book: Critical Thinking for Strategic Intelligence. They provide their context on what a good intelligence program in industry or government looks like, how to avoid out for cognitive bias and cognitive traps, how to be proactive in data collection and processing, and how to produce intelligence in ways that can be consumed by decision-makers. The also provide insights from the latest cognitive science and do it in a way that can help any analyst in any enterprise improve. We also examine what critical thinking is, and how to teach it. Kathy reviews what she calls the "5 habits of the critical thinker", which includes: Examine your key assumptions Consider multiple alternatives Look for disconfirming data Look for drivers underneath your topic and finder indicators of future action Understand the context and how the issue is framed, through framing seek to understand Kathy and Randy have had a very interesting career together (they were the first married couple to join and spend a full career at the CIA). One aspect of their career I found particularly interesting was their work with the famous Richards (Dick) Heuer. Dick had taught Randy on topics like counter deception, and was later a contractor under Kathy. Years later Dick and Randy would work together on books including one on Structured Analytic Techniques for Intelligence Analysis. We hope you enjoy meeting them and learning from them in this OODAcast. Other related reading: A Practitioner's View of Corporate Intelligence: Organizations in competitive environments should continually look for ways to gain advantage over their competitors. The ability of a business to learn and translate that learning into action, at speeds faster than others, is one of the most important competitive advantages you can have. This fact of business life is why the model of success in Air to Air combat articulated by former Air Force fighter pilot John Boyd, the Observe – Orient – Decide – Act (OODA) decision loop, is so relevant in business decision-making today. Useful Standards For Corporate Intelligence: Discusses standards in intelligence, a topic that can improve the quality of all corporate intelligence efforts and do so while reducing ambiguity in the information used to drive decisions and enhancing the ability of corporations to defend their most critical information. Optimizing Corporate Intelligence: Actionable recommendation on ways to optimize a corporate intelligence effort. It is based on a career serving large scale analytical efforts in the US Intelligence Community and in applying principles of intelligence in corporate America. An Executive's Guide To Cognitive Bias in Decision Making: Cognitive Bias and the errors in judgement they produce are seen in every aspect of human decision-making, including in the business world. Companies that have a better understanding of these cognitive biases can optimize decision making at all levels of the organization, leading to better performance in the market. Companies that ignore the impact these biases have on corporate decision-making put themselves at unnecessary risk.

Ric Prado has been described by CIA leadership as the closest thing to 007 that the United States has ever had. Ric's life is packed with more adventure and operations than your favorite spy novel series. Coming out of the shadows, this is Ric's first video interview and covers his career, operational decision-making lessons learned, why we need a next generation of CIA agents, and we even dive into some more obscure topics like CIA knife fighting and how he came to train the King of Jordan. Arriving in the United States as a Peter Pan refugee from Cuba, Prado dedicated himself in service to his county in many capacities that culminated professionally with a 24 year career in the Central Intelligence Agency (CIA). During his tenure at the CIA, Ric was involved with dozens of operations including spearheading the CIA's operational response to 9/11 as the Director of Operations within the CIA's Counterterrorism Center. For this response he worked with the National Security Council and FBI, as well as with elite U.S. military representatives from Delta Force and SEAL Team Six. Earlier in his Agency career his service included 36 months in Central America jungles as the first CIA officer living in the anti-Sandinista "Contra" camps and Subsequently running counter-terrorism/insurgency operations in Peru and in the Philippines. He has also held operations officer posts in six countries and was a plank-owner of the CIA's original bin Laden desk in 1996. Upon leaving public service, Ric worked at as an executive at a Private Military Contractor where he built a specialized operations team for a U.S. government customer and is currently the co-owner of Camp-X Training and continues his service training and supporting the "SPECOPS" Community as Subject Matter Expert (SME) at the SWCS' ASOT (Advanced Special Operations and Techniques) and ASOT Managers Course, Dragon Warrior, Emerald Warrior, among others. Additional Links: Ric's Bio CampX training

In this OODAcast, Bob Gourley and Matt Devost discuss Matt's picks for the Top 10 Security, Technology, and Business Books of the year. Now in its 5th year, Matt's top ten book list is one of the most popular posts of the year and we look forward to interviewing several of the authors on OODAcast in 2021. Also see the full write up of the Top 10 list here: https://www.oodaloop.com/archive/2020/12/07/top-10-security-technology-and-business-books-of-2020/

In this OODAcast we interview Michel Kwon, the founder and CEO of W@tchTower. She is a leader who has proven herself through an ability to success in three different career fields, first as a developer and programmer creating enterprise grade solutions, then as a government executive who would eventually lead the United States Computer Emergency Readiness Team (US-CERT)during a critical period in its transformation, and now as an entrepreneur and CEO adding value to enterprises seeking to reduce risk and improve cybersecurity posture. We discuss Michel's foundational story and extract lessons relevant to those starting a career today, and also dive into how she leveraged her technical skills and desire to create into a winning presentation of a new type of WiFi antenna at Defcon. This event would prove to be pivotal for her next career in the Department of Justice, and makes a clear point of use to any who may be seeking opportunities to switch careers (her focus on continued learning and intention to always be herself were at play here). We also discuss her government career and lessons learned for any professional government who would like to advance and make bigger differences for the nation. There are also lessons from Mischel's story for any leader who needs to motivate action across organizations when you are not in command. Her approach was to provide threat briefings and visions for the future that would motivate other leaders. This may be the only way that works on cross organizational efforts like those she had to lead. She also provides eye-opening anecdotes about the importance of knowing the rules (in her case, including the Constitution and the laws in place for how we protect privacy). She shares lessons and recommendations that flow from this for any commercial cybersecurity professional as well. As CEO of W@tchTower she has led the firm from its formation to a highly performing value adding partner for any business which is in need of a security operations center (SOC) or with a need to improve current SOC operations. Watchtower provides the technology, guidance and expertise to enable security operations and mitigate problems of too much data, disorganized processes, overworked analysts and hard to measure metrics. Additional Resources W@tchTower Mischel Kwon on Linkedin OODA Research Reports: Cyberwar Was Coming: A Reflection on the 25 Year Old Thesis that Predicted a Generation of Cyberconflict "You've got to read what this kid is writing out of his basement at the University of Vermont…" – recently retired CIA officer to intelligence and military colleagues in 1994. A candid 25 year retrospective on a thesis that launched a tremendous amount of dialogue and action on the issues of information warfare, cyberterrorism, and cybersecurity. See: Cyberwar Was Coming: A Reflection on the 25 Year Old Thesis that Predicted a Generation of Cyberconflict Deception Needs to be an Essential Element of Your Cyber Defense Strategy In the cyber defense community, we talk about a wide-range of risk mitigating technologies, strategies, and activities. We talk about attacker deterrence and increasing costs for the attacker. We invest in endpoint agents, threat intelligence, DLM, and other mitigating technologies on a daily basis. Here's why one of the most compelling emerging use cases for increasing attacker costs is through the use of deception. For more see: Deception Needs to be an Essential Element of Your Cyber Defense Strategy Traveling Executive's Guide to Cybersecurity: Traveling executives are frequent targets for cyber espionage. This report provides guidance for executives and their security teams on how to protect their information and technology while on the go. Produced by OODA co-founders Matt Devost and Bob Gourley, the report provides best practices, awareness of threats, and a deep understanding of the state of technology. A tiered threat model is provided enabling a better tailoring of actions to meet the threat. For more see: OODA Releases a Traveling Executive's Guide to Cybersecurity

Juan Enriquez has succeeded as a businessman, academic, author and lecturer. For those who might not have met him via any of his many appearances and presentations, he can be succinctly described as an authority on the economic and political impacts of life sciences and a thinker able to help frame the much needed discussions we all need to have on ethics. He serves on the discovery council at Harvard Medical School and was the founding director of Harvard Business School's Life Sciences Project. He are currently the managing director of Excel Venture Management, a life sciences VC firm. OODA is a community of practitioners so we want to underscore that he doesn't just write and talk about tech, he founds and leads companies that create tech, including the firm that made the world's first synthetic life form. His many books have all stood the test of time. The now 20 year old "The Future Catches You" is a very prescient look at the world of biological sciences is still a good introduction to the field. The book lead to an important conclusion, that the many changes in the biological revolution will fundamentally alter everyone's relative economic status and life expectancy and this will have consequences because only a few understand what is coming. He offered motivation to improve our collective ability to adopt and adapt to the coming era though agility in ethical, political and economic actions. His 2005 "The Untied States of America" provided a new framework for looking at the many economic, political and social dynamics underway in North America and started frank discussions on where polarization and its dynamics were taking us, providing motivation to mend existing rifts when possible. The book is now important foundational reading for anyone who wants to understand our collective situation. It is also a good reminder that just because something has not changed in a while does not mean it will endure forever. His book Evolving Ourselves takes on the fact that the old ways of evolution, driving by natural selection, is not the driver it used to be. Business leaders today need to understand that artificial selection and proactive engineering of life are forces in our new reality. His latest book, Right/Wrong: How technology transforms our ethics, makes it clear that technology advancements are connected to how humanity interprets and applies judgement on what is right and wrong. Technology changes ethics. So now in an age of exponential change in technology, we need to understand and prepare for exponential changes in ethics. Leaders in business and government, as well as citizens, need to understand this will cause issues that disrupt markets and even our legal system. In the past, right and wrong and justice was something we tried to code into our laws. Laws already can't keep up with changing tech and ethics. What will happen to our legal system when changes in ethics goes exponential? In this OODAcast, Juan provides his personal context and useful mental models business leaders can put in place to anticipate how these many changes can impact business. For more see: Excel Venture Management Right/Wrong: How technology transforms our ethics The Executives Guide to the Revolution in Biological Sciences

Masha Sedova is an award-winning people-security expert, speaker, and entrepreneur focused on helping companies transform employees from a risk into a key element of defense. She has been a part of our OODA Network for years, including speaking at our legacy FedCyber event, where she introduced the behavior-based and gamified cybersecurity training and awareness she put in place at Salesforce. She is the co-founder of Elevate Security delivering an employee-risk management platform that provides visibility into employee risk while motivating employees to make better security decisions. Before Elevate, Masha Sedova was a security executive at Salesforce where she built and led the security engagement team focused on improving the security mindset of employees, partners and customers. In addition, Masha has been a member of the Board of Directors for the National Cyber Security Alliance and regular presenter at conferences such as Black Hat, RSA, ISSA, Enigma, OWASP and SANS. Before Elevate, Masha Sedova was a security executive at Salesforce where she built and led the security engagement team focused on improving the security mindset of employees, partners, and customers. The scope of her work ran the gamut from general awareness such as phishing and reporting activity to secure engineering practices by developers and engineers. In addition, Masha is a member of the Board of Directors for the National Cyber Security Alliance and a regular presenter at conferences such as Blackhat, RSA, ISSA, Enigma, and SANS. Other Resources: Masha Sedova on LinkedIn: https://www.linkedin.com/in/mashasedova/ Elevate Security: https://elevatesecurity.com OODA Network Interview with Masha FedCyber Interview with Keynote Speaker Masha Sedova RSA Innovation Sandbox Finalist Presentation

In this OODAcast, OODA Network Expert Jen Hoar interviews noted cybersecurity and intelligence professional Bob Gourley, CTO of OODA LLC, diving deep into what makes him tick. Jen asks Bob about his career, including the constants and dynamics in his professional life, starting with a deep background in operational intelligence as a naval intelligence officer. She explores his strengths and weaknesses and how he makes decisions in domains of overwhelming information. Jen asks Bob for advice for others on ways to keep learning. A key point underscored by Bob was how organizations need to find balance between the use of technology for collection and analysis and humans for collection and analysis when it comes to understanding complex situations. Lessons on writing and how it can help a career are also examined. Jen pulls stories from Bob he has never publicly revealed, including insights into how operational intelligence drove decisions in many joint and naval operations, and how those related to the business world today. Bob's anecdotes make it clear, "Great leaders thrive on intelligence and they take action on it." For more see: OODA LLC: Providing due diligence and cybersecurity services An Executive's Guide To Cognitive Bias in Decision Making: Important insights into how human bias can impact decisions A Practitioner's View of Corporate Intelligence: An overview of what a comprehensive program entails Optimizing Corporate Intelligence: Ways to get the most out of your efforts to gain decision advantage through intelligence Useful Standards For Corporate Intelligence: There are so many ways standards can help but the wrong standards can degrade your intelligence efforts.

Like many others we have observed first hand the positive changes in the cybersecurity community being enabled by Mari Galloway. In this OODAcast we look beyond those changes to find out what makes her tick, revealing lessons applicable to professionals in any stage of their career. Mari is the CEO and a founding board member for the Women's Society of Cyberjutsu (WSC), one of the fastest growing 501c3 non-profit cybersecurity communities. WSC is dedicated to bringing more women and girls to cyber and does so by providing its members with the resources and support required to enter and advance as a cybersecurity professional. Mari is a practitioner herself with an academic background in technology, multiple certifications, and, more importantly, years of direct hands on experience in mitigating risk and enabling the smooth functioning of enterprise operations. She began her cyber career with Accenture where she excelled as a Network Engineer, and also worked at several government agencies, in the casino industry, and now in the cybersecurity platform community. Her experience spans network design and security architecture, risk assessments, vulnerability management, incident response and policy development. Mari is also the inaugural ISC2 Diversity Award winner for 2019. In this OODAcast we discuss: The Women's Society of Cyberjutsu and how businesses and individuals can get involved. We also discuss the niche of technical hands-on experiences that WSC focuses on. The Wicked6 Cybergames eSports event during Blackhat and Def Con, which turned cybersecurity into a spectator sport. Her background and how she seeks to find balance between academic training (which she continues), training/certifications (which she pursues with vigor). This discussion brings out a character trait that also applies across her work and leadership of WSC, persistence. The foundational story behind WSC. The society was started out of a need for more hands on training. The fist workshop was a fast track to linux mastery session. Other workshops followed, including sessions on reverse engineering. WSC has now expanded nationwide as a community and offers a wide range of courses including sessions that help young girls learn and grow and also help those who already have a career. As an example, she mentions Recorded Future was just brought on as a sponsor, which lets them support the cause and also gives them exposure to great upcoming talent. Mari's approach to leadership and decision-making (her approach at WSC and as a practitioner is a collegial one, but focused on results and benefits to others). Her view of the cyber threat today and in the near future (which includes more of the social engineering and phishing threats that play to our emotions). Ransomware and insider threats are also still growing.

Jerry Davis has spent decades succeeding in hard jobs supporting critically important missions. He is a decorated combat Veteran who served in he US Marines for 11 years including in Operation Desert Storm/Desert Shield. He also served in the Central Intelligence Agency in service to world wide missions including leveraging technology in denied areas against high profile targets. Jerry would later become the first CISO at the US Department of Education, then the CISO for NASA and later the CISO for the Department of Veterans Affairs. He returned to NASA as the CIO for the Ames Research Center, a position he held till 2018. Jerry currently provides strategic consulting and design assistance focused on mitigating risk to mission critical programs and activities, including some of the most interesting activities humans are planning on conducting in space. This OODAcast we ask Jerry about his approaches to leadership and management, what motivated him to pursue the hard jobs, and how his early times in the field with the CIA helped him throughout his career (he learned to be a really good critical thinker, and also credited the fact that he learned by being exposed to many different cultures, all of which translated well to the cyber world). Jerry clearly has a fond place in his heart for intelligence and the community, and makes the point that even though the IC has huge technological components, but it is really a people centered business. The importance of training and practice and honing skills was also a key part of Jerry's background including how to think on your feet. He is a believer in planning and having backup plans and backups to the backup plans. No plan survives first contact, so learn to be agile. We also examined Jerry's leadership methods in organizations that are reluctant to change but need to. Jerry also has deep experience leading security in collegial environments (like leading security for the NASA mission centers). Jerry is a future focused person who is closely tracking the US space program and its many interesting programs (like Artemis, the return of humans to the moon). We ask his views on the future and the technology and risks we all need to mitigate to optimize the future.

Paul Kurtz is an internationally recognized expert on cybersecurity and the Co-Founder and Chairman of TruSTAR. Paul began working on cybersecurity at the White House in the late 1990s. He served in senior positions relating to critical infrastructure and counterterrorism on the White House's National Security and Homeland Security Councils under Presidents Clinton and Bush. After leaving government, Paul has held numerous private sector cybersecurity positions including founding the Cyber Security Industry Alliance (Acquired by Tech America), Executive Director of SAFECode, Managing Partner of Good Harbor Consulting in Abu Dhabi, and CISO of CyberPoint International. Paul's work in intelligence analysis, counterterrorism, and critical infrastructure protection has influenced his approach to cybersecurity. Paul believes in intelligence-centric security integration and automation. Today he spends his time consulting security leaders about how to manage their intelligence across tools. Paul believes in using machine learning to help detect, triage, investigate, and respond to events with confidence. In this OODAcast we dive into Paul's views on the cybersecurity landscape today and learn more about his approach to decision-making. We discuss a new concept he has been shepherding in the community regarding how cyber intelligence can be optimized for the benefit of any organization. We also extract lessons relevant for any leader who wants to make better, more accurate and actionable decisions in competitive environments. Additional Resources: TruSTAR: An Intelligence Management platform which helps security teams accelerate automation. Paul Kurtz OODAloop Interview: Our introduction of Paul to other OODAloop members

Rear Admiral Paul Becker, USN (Retired), is an author, speaker and board member with extensive experience in intelligence operations. During his 30 year career as a naval intelligence officer he lead major operational intelligence efforts, rising to the position of Director of Intelligence (J2) for the Joint Chiefs of Staff. Upon retirement from the Navy he formed a consultancy delivering solutions and lessons learned around intelligence to corporate America. He is also a professor, teaching at the US Naval Academy and the University of Virginia. Paul is renowned for his ability to translate military leadership principles into corporate pillars of performance, productivity and profit. In this OODAcast we ask Admiral Becker for his insights into what intelligence is and how to evaluate it, the difference in leadership and management, and the nature of the shifting threats in the modern geopolitical environment. We examine some of Paul's personal heroes and discuss the continuing legacy of Colonel John Boyd. We also ask Admiral Becker about his reading habits including the books he taps into for inspiration. Related Resources: The Intelligent Enterprise Series: Special reports from OODA focused on corporate intelligence Useful Standards For Corporate Intelligence: Based on lessons learned from the US intelligence community and corporate America Optimizing Corporate Intelligence: Tips and best practices and actionable recommendations to make intelligence programs better. A Practitioner's View of Corporate Intelligence: insights aimed at corporate strategists seeking competitive advantage through better and more accurate decision-making. An Executive's Guide To Cognitive Bias in Decision Making: Cognitive Bias and the errors in judgement they produce are seen in every aspect of human decision-making, including in the business world. Companies that have a better understanding of these cognitive biases can optimize decision making at all levels of the organization, leading to better performance in the market.

Dr. Melissa Flagg is a Senior Fellow at the Center for Security and Emerging Technology (CSET) at Georgetown University. Previously she served as the Deputy Assistant Secretary of Defense for Research, responsible for policy and oversight Defense Department science and technology programs including basic research through advanced technology development and the DoD laboratory enterprise. She has worked at the State Department, the Office of Naval Research, the Office of the Secretary of Defense for Research and Engineering, the John D. and Catherine T. MacArthur Foundation, and the Army Research Laboratory. Melissa also ran her own consulting business and was the Chief Technology Officer of a small consumer start-up. She has served on numerous boards including the National Academy of Sciences Air Force Studies Board and the Department of Commerce Emerging Technology Research Advisory Committee; she is on the Board of Humanity 2050 and a full trustee with the DC Chapter of the Awesome Foundation. She holds a Ph.D. in Pharmaceutical Chemistry and a B.S. in Pharmacy. In this OODAcast we ask Dr. Flagg about her approach to decision-making, her views on technology trends, and discuss the potential impact of a wide range of critically important subjects including: Artificial Intelligence Quantum Computing Biological Sciences We also ask for her lessons learned on mental models relevant for decision making and explore her eclectic reading habits. Additional Reading: The Five Modes of HACKthink

Mark Weatherford is an icon in the cybersecurity field. He is widely known as a mission focused leader who builds teams and gets hard things done. His career included success in the US Navy as a cryptologist, leadership and management in a major defense integrator, CISO for two states (Colorado and California), CISO of the nation's regulatory organization for our power grid (the NERC), head of security efforts for the newly formed DHS, and operational CISO roles and advisory board positions for several US corporations. Our OODAcast with Mark focused on his insights for the cybersecurity community, including views on how to stay informed in dynamic environments, how to approach the position of CISO, how to optimize your career planning, and how to work with corporate boards as a CISO. He also provides advice for board members and CEOs on interacting with their CISO and security team. Mark has written on CISO leadership, including two posts for OODA members at: 10 Rules For Cybersecurity Salespeople Embracing a Future of Technical and Political Churn Other Resources: Mark Weatherford on LinkedIn Covid-19 Sensemaking Mitigating Risks To America's Cognitive Infrastructure 10 Red Teaming Lessons Learned Over 20 Years The Five Modes of HACKthink

In this OODAcast, the tables are turned as OODA Network Expert Jen Hoar interviews CEO Matt Devost and they discuss how Matt consistently identified new threats and opportunities by blending eccentric interests into a career as a serial entrepreneur and become an established expert on cybersecurity, counterterrorism, and technology issues. Having been educated in a one-room schoolhouse in the rural Northeast Kingdom of Vermont, Matt identified a way to blend his interests in emerging national security threats and computer science into a bespoke career path and took persistent risks to realize non-obvious opportunities. Matt's Bio: Matt began his professional career in 1995 hacking into systems for the US Department of Defense and Intelligence Community and over the past twenty-five years has emerged as an established thought leader in the cyber and security domains. A successful entrepreneur, he has founded several companies including FusionX & the Terrorism Research Center and played a key leadership role in a handful of successful companies including Accenture, iSIGHT Partners, iDefense, and Tulco Holdings. He has served as a senior advisor to DoD, a professor at Georgetown University for fourteen years , and is a founding member of the Black Hat review board. Matt's unique approach to technology, business, and security issues is driven by a technique he calls "HACKthink" – applying a hacker mindset to analyze and dissect complex problems and develop innovative solutions. Matt has appeared on CNN, MSNBC, Fox News, NPR, CBC, CBS News, BBC television, NWCN, Australian television and dozens other domestic and international radio and television programs as an expert on terrorism and cybersecurity and has lectured or published for the National Defense University, the United States Intelligence and Law Enforcement Communities, the Swedish, Australian, Japanese, and New Zealand governments, American University, George Washington University, and a number of popular press books – magazines, academic journals and over 200 international conferences. Matt has co-written or authored chapters for several books including Cyberadversary Characterization, Threats in the Age of Obama, Information Warfare Vol. 2, Sun Tzu Art of War in Information Warfare, Counterterrorism, and Addressing Cyber Instability. He was the technical editor for Hacking a Terror Network and best-selling author David Ignatius' book The Director, and advised on the Chris Hemsworth movie Black Hat. Additional Resources: Matt's 1995 Thesis - National Security in the Information Age Matt's Writing at OODALoop Recommended Book: If Then: How the Simulmatics Corporation Invented the Future Connect with Matt on LinkedIn Follow Matt on Twitter

Kevin Roberts has had an illustrious career spanning many industries over numerous continents including serving as Chairman and CEO of Saatchi & Saatchi, one of the world's leading creative organizations, where he had responsibility for the effectiveness of several of the world's leading advertising budgets including for clients Toyota and Procter & Gamble. Today, his company Red Rose Consulting counsels business leaders and employees on creative thinking, marketing, and leadership. Kevin is the author of several best-selling books, including an OODA Top 10 Book of the Year for 2017; 64 Shots: Leadership in a Crazy World. OODA CEO, Matt Devost has given away dozens of copies of 64 Shots and it remains a personal favorite of his for the insight and inspiration it provides. In this OODAcast, Kevin provides his perspective on leadership, creativity, decision-making, and driving focus and action to be successful in business and life. Are we living in a super-VUCA world (Volatile, Uncertain, Complex, Ambiguous)? How no plan survives the first 24 hours and how to engage in adaptive decision-making. The role data plays in decision-making and where data falls short. How leadership is about creating leaders, not great teams. The role focus plays in successful entrepreneurship. How to expand your frame of reference by studying other fields. How insights are not insightful. The link between storytelling and leadership. Hacking your way into the future. Managing through a crisis. Who inspires Kevin today and what is he reading. Additional Resources: Red Rose Consulting 64 Shots Book Quant by Quant You Need to Tighten Your OODA Loop Around Covid-19

Gary Harrington had a distinguished career of national service that included over three decades in top tier special operations groups including Delta Force and then transitioning into the CIA. Gary was one of the first to deploy into Afghanistan after 9/11 and was at the tip of the spear in many locations including as a solo operator in high risk venues like Yemen. Today Gary advises private clients on approaches to maintaining security and safety in a volatile and unpredictable world. In this OODAcast, we dive into Gary's career trajectory, and lessons learned from special operations that can be applied to any business operation or to build high-value teams. Gary shares some interesting stories as well, demonstrating where timely decisions and a tight OODA Loop saved his life and how he learned to trust his gut, operate with humility and integrity, how to work with specialized teams, and how to adapt in those instances where he found himself operating alone. Additional Sources: Gary Harrington's OODA Network Interview Gary's Website What Gary is currently reading

Michael Kanaan has helped a wide swath of decision-makers better grasp the nature of AI. He has a knack for expressing complex topics in clear, accurate and succinct ways and many of us in the national security community have already had the pleasure of hearing from him in person or in conferences. His book, T-Minus AI: Humanity's Countdown to Artificial Intelligence and the New Pursuit of Global Power, provides context and insights in a way that can help concerned citizens and business leaders better grasp the issues of AI. He gives us all a call to action to learn more because as he makes clear in the book, the countdown to AI is actually over. In this OODAcast we explore a bit of what makes Kanaan tick, and dive into his motivations for this book. We discuss what citizens should know about AI and what business leaders can do to prepare their companies for success in the coming age. You will find Michael to be very plain spoken. When asked to define AI for us, he approached it in a way we have never heard before, starting with a reminder that on the Internet CATS are everywhere so he wants to use that as an acronym/nemonic. CATS is a reminder to always consider that when a person is talking about AI they may be referring to a Concept, and Application or a Techniques. So when you hear someone talk about AI, be sure to know which the speaker is referring to. We especially loved at the 10 minute mark in the discussion when he put AI into the context of the OODA loop. He thinks of AI as best in the observe and orient side of the OODA loop, since this is AI doing what it does best, but wants the decide and act part of the decision process to always be a human job. We tend to agree of course, except in use cases where humans have decided the machines are ok to act. We asked Michael his views on the security if AI and coming issues of the threat and ways to mitigate threats to AI. His view: just like building trust with humans, we need to build trust with AI, and it will take time to do that. Michael's Bio: Michael Kanaan was the first chairperson of artificial intelligence for the U.S. Air Force, Headquarters Pentagon. In that role, he authored and guided the research, development, and implementation strategies for AI technology and machine learning activities across its global operations. He is currently the Director of Operations for Air Force / MIT Artificial Intelligence. In recognition of his fast-rising career and broad influence, the author was named to the 2019 Forbes "30 Under 30" list and has received numerous other awards and prestigious honors--including the Air Force's 2018 General Larry O. Spencer Award for Innovation as well as the US Government's Arthur S. Flemming Award (an honor shared by past recipients Neil Armstrong, Robert Gates, and Elizabeth Dole). Kanaan is a graduate of the US Air Force Academy and previously led a National Intelligence Campaign for Operation Inherent Resolve in Syria and Iraq.

Jim Miller has worked for four decades on a combination of private and public sector initiatives focused on addressing a wide variety of national security threats. He has held numerous positions within the Department of Defense including serving as Under Secretary of Defense for Policy and has been awarded the DoD's highest civilian award four times. In this OODAcast, we discuss a wide variety of topics including: How to use red teaming to plan for emerging threats and opportunities How to bridge the gap between planning and execution Lessons-learned from 40 years of working with top strategists and thinkers Developing a new generation of experts to inform policy and strategy How the first DoD Cyber Policy was developed and how it contributed to addressing the cyber threat Emerging national security concerns and the global threat landscape Official Bio: Jim Miller is President of Adaptive Strategies, LLC, which provides consulting to private sector clients on strategy development and implementation, international engagement, and technology issues. He is a senior fellow at Johns Hopkins University's Applied Physics Laboratory, and is a member of the International Institute for Strategic Studies and the Council on Foreign Relations. As Under Secretary of Defense for Policy from May 2012 to January 2014, Dr. Miller served as the principal civilian advisor to the Secretary of Defense on strategy, policy, and operations, working to strengthen relations with allies and partners in Europe, the Middle East, and Asia, and to reduce the risks of miscommunication with Russia and China. He served as Principal Deputy Under Secretary of Defense for Policy, from April 2009 to May 2012. For his accomplishments, he was awarded the Department of Defense's highest civilian award, the Medal for Distinguished Public Service four times, twice by Secretary Gates, and by Secretaries Panetta and Hagel. He also received the Chairman of the Joint Chiefs of Staff's Joint Distinguished Civilian Award. Dr. Miller was present at the creation for CNAS, serving as Senior Vice President and Director of Studies from 2007 to 2009. He previously served as Senior Vice President at Hicks and Associates, Inc. During the 1990s he was Deputy Assistant Secretary of Defense for Requirements, Plans, and Counterproliferation Policy, Assistant Professor of Public Policy at Duke University, and senior professional staff member for the House Armed Services Committee. Dr. Miller received a B.A. degree with honors in economics from Stanford University, where he played tennis for a team that won several national championships. He earned Master's and Ph.D. degrees in public policy from the John F. Kennedy School of Government at Harvard University. Additional Resources: OODA Network Interview with Jim Miller

Chet Richards was a close associate of the late US Air Force Colonel John Boyd. He was there as the concept of the OODA Loop was being developed and constructed the first graphics of the OODA Loop from sketches Boyd drew. Chet is the author of the widely read business book "Certain to Win" which was the first book to describe Boyd's strategy in terms familiar to business leaders and show how the OODA Loop and associated Boyd concepts apply to today's business problems. Business is not war, but in its most competitive state it is a form of conflict, with companies seeking advantage in bringing products and services to market better and faster than competitors. If you dig beneath Boyd's war-centered tactics you find a general strategy for ensuring your business is the one that wins. This fact is the entire reason our company, OODA, and this site, OODAloop.com, was named as an homage to this operational decision-making model. Boyd never wrote a business book himself, but he read and commented on every version of this book's manuscript till his death in 1997. Chet has consulted with a number of aerospace and professional services companies and has lectured at the Air War College and the Army's Command and General Staff College. In this OODAcast Matt Devost and Bob Gourley ask the questions they have always wondered about Boyd and Richard's creative processes, their interactions with other great thought leaders, the relation of the OODA model to the writings of business strategists and how it inspired others like Tom Peters, and the power of building a trust-based network of peers. Additional Reading: Certain To Win book Chet's Blog

Courtney Bowman leads Palantir's Privacy and Civil Liberties Engineering Team. In this capacity he works extensively with local, state and international governments and philanthropic partners to develop technology-driven solutions to information sharing needs that respect applicable privacy, security and data integrity requirements. He does so in a way that is informed by experience and well thought out approaches that we consider an exemplar for tech firms, enterprises and government data strategists. In this OODAcast we examine some of his approaches. Our discussion covered ethics, compliance and security in the modern age including a deep dive into approaches to managing data in a crisis. Through it all, Courtney provides insights that make it clear that privacy and ethics do not need to be placed at risk, even in a major crisis. Key to safeguarding privacy and security of data is having a well thought out data strategy focused on the right objectives, backed up with a secure data architecture. For more on Courtney and his views on the ethics of data in crisis see: Best practices for using data during a crisis The Architecture of Privacy: On engineering trustworthy safeguards