Best Security, Business, and Technology Books of 2016

On December 15, 2016, in Security, Technology, by Administrator

“Dozens of times per year, I get asked to recommend my favorite books so I couldn’t say no when the OODA Loop team asked me to build on Mark Mateski’s popular Red Teaming book list by providing my top 10 books for 2016. I have very eclectic interests, so I’ve focused my list on the […]

Every Cyber Attacker is an Insider

On October 29, 2015, in Papers and Essays, Security, by Administrator

“What enterprise executives need to realize is that in today’s environment, every cyber attacker is a potential insider. Given the prevalence of BYOD (bring your own device), supply chain integrity issues, foreign travel, and the plethora of successful spearphishing campaigns, executive leadership needs to operate on a presumption of breach basis and work on reducing […]

10 Red Teaming Lessons Learned Over 20 Years

On October 29, 2015, in Papers and Essays, Security, by Administrator

I’ve written a few popular blog posts over at OODA Loop. Here is one I did on red teaming lessons learned. “I often get asked what lessons I’ve learned over the past twenty years, so I started putting together this list of 10 lessons learned over 20 years of red teaming a few years ago. […]

State Sponsored Cyber Threats – The Long View

On February 25, 2013, in Papers and Essays, Security, by Administrator

“Thinking about state-sponsored cyber threats over the long term doesn’t come easy to Western strategists. This essay takes a look at at the strategic implications of thinking only in the short-term.” Source: OODA Loop – State Sponsored Cyber Threats – The Long View

Chinese IW – 1996

On October 4, 2012, in Security, by Administrator

Digging through some old files and found this from 1996: ::::::::::::::::::::: May 10, 1996, Friday SECTION: Part 3 Asia-Pacific; CHINA; MILITARY; EE/D2609/S2 LENGTH: 308 words HEADLINE: INFORMATION WARFARE; China: characteristics of information warfare explored SOURCE: Source: Jiefangjun Bao’, Beijing, in Chinese 16 Apr 96 p6 BODY: [6] Text of report by Chinese army newspaper Jiefangjun […]

Dronegate: The First Casualty is our Cybersecurity Paradigm

On October 14, 2011, in Security, by Administrator

Out of respect to the original blog, my comments on this article can be found by following the link below the excerpt. These are important issues and we should be examining and debating them in detail. “As of yet, there is no definitive narrative of the virus that hit the U.S. drone fleet at Creech […]

Using hackers as a national resource

On September 14, 2011, in Security, by Administrator

Misha Glenny’s TED talk entitled “Hire the Hackers” was sent to me about a dozen times today. I was reminded of the excerpt below taken from my 1995 thesis. Reviewing it after all these years, it is not perfect, but does raise some important points and the central theme still rings true. Step Seven: Use […]

‘Stuxnet’ Worm Far More Sophisticated Than Previously Thought

On September 15, 2010, in Security, by Administrator

Interesting revelation. One major red flag associated with this worm was the fact that folks were claiming it got distributed widely via removable media. Turns out that might not be the case… “As first reported on July 15 by, Stuxnet uses a vulnerability in the way Windows handles shortcut files to spread to new […]

Snapshot in time – September 11, 2001

On September 11, 2010, in Security, by Administrator

A few interesting screenshots from the Terrorism Research Center on September 11, 2001. Here is a message that Neal Pollard and I wrote that greeted our visitors when they first hit the domain. Having founded the company on the 1st anniversary of the OKC bombing we were sensitive to drawing too many conclusions too […]

We all live in the future now…

On January 3, 2010, in Security, Technology, by Devost

While I’m not usually one to dwell on the significance of a new decade, 2010 seems worth reflecting on.  This post covers a hodge-podge of issues keeping in tune with this blog’s general charter of technology, security, and obscurity.  Hopefully, there’s something for everybody. When I first started working national security issues, 2010 was one […]

Also Blogging at: