OODAcast
Allan Friedman is a senior strategist at CISA (the Cyber Security and Infrastructure Security Agency) where he coordinates all of their cross-sector activities on the topic of SBOM: The Software Bill of Materials. Allan is widely known as a change agent in both the public and private sector. In government he led initiatives that created positive change in major community-wide initiatives around vulnerability disclosure and vulnerability management. He also championed efforts that made dramatic improvements in the ability to reduce risk due to the proliferation of Internet of Things devices...
info_outline Episode 116: Joe Sullivan on Managing Complex Security ChallengesOODAcast
Joe Sullivan has been at the forefront of managing security risk in rapidly growing high tech companies over the past 20 years serving as the Chief Security Officer at Facebook from early start-up through the IPO, CSO of Uber and CloudFlare, and as a security leader at eBay/PayPal. Joe was also involved in a landmark legal case for a breach at Uber which resulted in a criminal conviction that serves as a precedent for executive liability in cybersecurity going forward. In this OODAcast we discuss: Joe's early career and how he got interested and involved in technology and started his...
info_outline Episode 115: Joe Tranquillo on the Revolution in Biological ScienceOODAcast
Joe Tranquillo is a Professor of Biomedical Engineering at Bucknell University and a provost at the school. He is also and author and speaker with a knack for helping make new and at times complex subjects understandable. In this OODAcast we discuss many aspects of the revolution in biological sciences with Joe including topics like: New ways of delivering medicines that target specific tissues Discovery of the structure of almost every human protein Methods to synthesize biomolecules, which can result in ways to manufacture a wide range of materials like therapeutics, flavors, fabrics, food,...
info_outline Episode 114: MITRE Futurist Charles Clancy on our Quantum Enabled FutureOODAcast
Charles Clancy has successfully led technology efforts in government, industry, academia and continues to lead and innovate in his current position as Senior Vice President and GM of MITRE Labs. He is MITRE's Chief Futurist. His role in technology leadership and his tracking of tech across multiple domains made for an incredibly insightful OODAcast. We review Charles' insights into: Quantum Computing Quantum Security Artificial Intelligence Microelectronics and Friendshoring/Reshoring The March 2023 National Strategy for Cybersecurity Governance in the age of ubiquitous computing ...
info_outline Episode 113: Mark McGrath: John Boyd Is Far More Than The OODA LoopOODAcast
Mark McGrath has applied the teachings of John Boyd to a career that began in the Marine Corps, included leadership positions in financial services firms and consulting with businesses with a need to learn to thrive in volatile, uncertain, complex and ambiguous (VUCA) environments. He co-founded the consultancy AGLX and serves as its Chief Learning Officer. He is the co-host of the popular podcast “No Way Out” which is dedicated to examining and advancing the use of the theories of John Boyd to help both individuals and businesses seeking to improve their capacity for free and independent...
info_outline Episode 112: Serene - The Hacker Pianist Saving CyberspaceOODAcast
Serene is a hacker in the truest sense of the word. She's applied a hacker mindset to learn coding, piano, and blend art and engineering in fascinating ways. You'll find her collaborating on-stage with Grimes one night and coding censorship resistant technologies the next day. As a self-taught coder she was the first engineer hired into Google Ideas when she was just a teenager. At Google she pioneered work on WebRTC proxies that she continued as a fellow at the Open Tech Fund and was eventually released as a Tor-enabling tool called Snowflake. Serene took a hiatus from working as a...
info_outline Episode 111: Andy Bochman on Countering Cyber SabotageOODAcast
Andy Bochman is the Senior Grid Strategist-Defender for Idaho National Laboratory’s National and Homeland Security directorate. In this role, Andy provides strategic guidance on topics at the intersection of grid security and climate resilience to INL leadership as well as senior U.S. and international government and industry leaders. Andy is a frequent speaker, writer, and trainer who has testified before the U.S. Senate Energy and Natural Resources Committee on energy infrastructure cybersecurity issues and before FERC on the maturity of smart grid cybersecurity standards. He has had...
info_outline Episode 110: Spencer Ante on Creative Capital and Disruptive InnovationOODAcast
Spencer Ante is the author or "Creative Capital: Georges Doriot and the Birth of Venture Capital", which was on my Top 10 book list for 2022. In fact, I found Doriot's story so compelling that a portrait of him hangs on the wall at the Hack Factory start-up studio in Reston, VA. Doriot is a compelling figure with an incredible story as told in Spencer's book. He was a Harvard Business School professor, responsible for launching the modern American industrial management movement, served as a General in World War II where he solved critical supply chain and logistics issues while also...
info_outline Episode 109: Bob Zukis and the Digital Directors Network: Helping corporate boards mitigate systemic riskOODAcast
ob Zukis is a man on a mission to improve the ability of corporate America to succeed in a complex digital world, even when under constant cyber attack. Bob is the CEO and founder of the Digital Directors Network, the global pioneer in helping corporate directors advance their understanding of systemic risk. We consider Bob to be the world's leading advocate for improving cybersecurity governance. His many articles published in major business journals and impactful books on the topic make this case well. Bob has worked with, studied, and been on corporate boards for years and now teaches...
info_outline Episode 108: Adam Shostack on Cybersecurity and What Every Engineer Should Learn From Star WarsOODAcast
Adam Shostack is widely known in the cybersecurity world for his pioneering work on disclosing and discussing computer vulnerabilities (the CVE (common vulnerabilities and exposures) list). He also helped formalize and train leading approaches to threat modeling and wrote the foundational book on the subject (). In this OODAcast we seek lessons from Adam’s career and experiences (which range from startups to nearly a decade at Microsoft, as well as the Blackhat review board, as well as being an Affiliate Professor at University of Washington). We then dive deep into Adam’s most...
info_outlineElias (Lou) Manousos is a recognized expert in Internet security and fraud prevention. He has been developing and delivering enterprise protection technologies for more than 15 years. As CEO of RiskIQ, he has spearheaded a new approach that helps Internet, financial services, healthcare, media and consumer packaged goods companies protect their brands from online fraud. Elias is also co-chair of the Online Trust Alliance (OTA) Anti-Malvertising Working Group and is responsible for Malvertisements.com, the first and only public database documenting malvertising incidents on a continuous basis. Prior to RiskIQ, Elias was VP of R&D at Securant Technologies (acquired by RSA), which pioneered identity and access management for web applications. At Securant, he was instrumental in creating now-commonplace technologies for single sign-on (SSO) security.
In this wide ranging discussion Matt Devost and Bob Gourley discussed several topics of interest to the community, including:
- Lou's leadership style and lessons learned relevant to leaders of other firms in the cybersecurity domain
- The Anti-Malvertising working group and Lou's leadership there
- Views on the dynamic cyber threat
- Ways the threat has been changing because of the pandemic and RiskIQ's response to that
- RiskIQ's transition to remote ops
- The future of cybersecurity
Related Resources:
- RiskIQ
- RiskIQ Daily Cybercrime Update
- 10 Red Teaming Lessons Learned Over 20 Years – Red teaming is one of the most valuable things you can do within your organization. OODA CEO and Co-Founder Matt Devost offers up his top ten red teaming lessons learned from over two decades of red teaming across hundreds of engagements.
- OODA’s Special Reporting on the Federal Technology Market: This market should be part of any tech firm's strategy
- OODA Special Report on Best Practices for Agile Cybersecurity Tips from our experts
- Context on Make vs Buy in the Federal Ecosystem: If you know of anyone anywhere in government who is thinking of building/coding a new data system to track issues around the pandemic they should just stop and should buy a commercial platform.
- OODAcast on YouTube: OODA’s YouTube Channel