OODA Loops...And Combating The Threat In The Digital World


Information technology is not my area of focus, but it’s no less important when it comes to our security. I would argue that in today's world it is a very important area to discuss, as criminals and terrorists work in an all-out effort to affect our well-being and way of life through attempted and successful hacking of IT systems. The threat has become more active, and it is serious and ever evolving. Billions of dollars are stolen through identity theft and fraud. Our nation's secrets are found out through the internet, and our privacy can be exploited. Gang stalking and bullying are another threat trend that has evolved through the internet. Cyber security is a crucial domain we must strive to secure. Modes of communication and how we protect flowing and stored information are critical.

Hewlett Packard (HP) has a series, “The information Security OODA Loop,” that I found interesting on how OODA will help in our efforts to secure our information. The series takes an interesting perspective on OODA that will help those of you doing IT investigations and successfully combating the threat.

“If you've never heard of the OODA (Observe, Orient, Decide, Act) loop then you're missing out.  The OODA loop was invented by a military strategist (John Boyd, USAF) and the idea is that in order to win any given incursion you must go through your OODA loop faster than your opponent.  This obviously applies to the digital world where decisions are made, often poorly, based on the information available to you in a consumable and actionable format.  There's the key though, the decision you make in any given moment is predicated on having the right information, at the right time, in the right context - so you can act appropriately.

Not to beat this idea to death but we already know that failing to act quickly and appropriately can mean the difference between an incident, and a catastrophic breach.  If a retailer could know that someone is probing their systems with enough insight into what is also vulnerable and, more importantly, high-risk they could act appropriately by dispatching an incident response team, shutting down ports, or re-configuring services in near-real time.  There is no shortage of talk about how automation can provide all of this in a nice box - but it all comes down to Observe, Orient, Decide and Act.  Whether it's an automated bash script, or a human being dispatched to turn off a system physically - the requirements for doing a 'good job' are always the same.  The information required extends far beyond that typically available to an information security organization which means many of us are making critical decisions without having all the necessary information at hand.  This is at very least hazardous to the decision making process, and your enterprise.”

You can find the series here: “The information Security OODA Loop”

Stay Oriented!