Summary 2021 began with an unprecedented attack on the seat of government in the United States on January 6th. In fact, the OODA Loop Daily Pulse released at 10 AM EST on the 6th had this ominous …
Five Eyes Issue Joint Log4Shell Advisory: “Agencies Strongly Urge All Organizations Take Immediate Action to Protect their Networks”
The Five Eyes intelligence allies - government agencies in the United States, United Kingdom, Australia, Canada, and New Zealand - issued a joint Cybersecurity advisory (CSA) days before the Christmas …
C-Suite Guide: Improving Cybersecurity Posture Before Russia Invades Ukraine
One thing a career in the intelligence community taught me is no model for predicting the future is foolproof. Every model and method has flaws. But when an adversary tells you what they will do you …
Continue Reading about C-Suite Guide: Improving Cybersecurity Posture Before Russia Invades Ukraine
What do the Apache Log4j Vulnerability, Security Community Outreach Efforts, Cognitive Infrastructure, Resilience, Anti-Fragility, John Boyd and Dune have in Common? The December 2021 OODA Network Member Meeting
To help members optimize opportunities and reduce risk, OODA hosts a monthly video call to discuss items of common interest to our membership. These highly collaborative sessions are always a great …
Commissioners Krebs, Hurd et. al. Deliver Commission on Information Disorder Final Report
We posted an analysis back in early November about former CISA Director Krebs' and former Congressman William Hurd's participation as Commissioners on the Information Disorder Report. At that time, …
The New Normal? Unique New Responses to Massive, Global Cyber Theft, Data Breach and Espionage Activities (Part 3 of 3)
In Part I of this series of posts, we broke down the timeline and impact of the massive Syniverse Hack, including the most recent development in the aftermath of the massive five-year-long data …
Security Directives Give Needed Cybersecurity Attention to Rail Services
The Transportation Security Administration (TSA) issued two Directives focusing on the cybersecurity of both passenger and freight railroads. Security Directive SD-1582-21-01 addresses passenger …
Continue Reading about Security Directives Give Needed Cybersecurity Attention to Rail Services
Threat Group Takes Aim Again at Cloud Platform Provider Zoho
An unknown state-backed threat actor has allegedly expanded its attack efforts against cloud platform company Zoho and its ManageEngine ServiceDesk Plus software. The software is a help desk and asset …
Continue Reading about Threat Group Takes Aim Again at Cloud Platform Provider Zoho
US Issues Cybersecurity Directive for Airlines and Railroads
The US has issued a new Transportation Security Administration mandate requiring all railroads and airlines to report cybersecurity breaches to the federal government. Cyber intrusions must be …
Continue Reading about US Issues Cybersecurity Directive for Airlines and Railroads
Global IT Supply Chain Disruptions Should Bolster Innovation and Cybersecurity with North American Allies
Backlogs in the global intermodal supply may precipitate a return to North America of over 40 years of outsourced manufacturing. So too, for reasons of national security and regional competitive …