Sep 10, 2021
Bob Bigman spent a career in the intelligence community. He was
the CISO of the CIA where he was tasked with leading efforts to
protect the nation’s most sensitive secrets. He remains a
practitioner. Since 2012 he has provided direct consulting services
to CISOs, CIOs, CTOs and CEOs seeking to reduce risk and improve
security programs. Through it all he has built a reputation for
rapidly assessing the state of enterprise security programs and
then working to build action plans to drive continuous
improvement.
This OODAcast examines aspects of Bigman’s approach to security
that can inform you own approach. We also solicit his views on
compliance and security checklists, metrics, and the state of the
IT industry (he does not hold back on any of those!).
Some other topics we covered include:
– His journey from history major to cybersecurity
practitoner
– His views on why some organizations are better mitigating
risks that others
– The importance of senior leadership in mitigating cyber
risks
– The role of the red team in cybersecurity
– Advice for businesses that cannot afford a CISO
– The state of cybersecurity in local and state governments
– Why there are 1000’s of cybersecurity technologies on the
market today and what that says about the state of the IT
industry
– The virtues of the MITRE ATT&CK approach
– Views on the future of cybersecurity
Black Swans and Gray Rhinos
Now more than ever, organizations need to apply rigorous thought
to business risks and opportunities. In doing so it is useful to
understand the concepts embodied in the terms Black Swan and Gray
Rhino. See:
Potential Future Opportunities, Risks and Mitigation Strategies in
the Age of Continuous Crisis
Cybersecurity Sensemaking: Strategic intelligence to inform
your decisionmaking
The OODA leadership and analysts have decades of experience in
understanding and mitigating cybersecurity threats and apply this
real world practitioner knowledge in our research and reporting.
This page on the site is a repository of the best of our actionable
research as well as a news stream of our daily reporting on
cybersecurity threats and mitigation measures. See: Cybersecurity
Sensemaking
Corporate Sensemaking: Establishing an Intelligent
Enterprise
OODA’s leadership and analysts have decades of direct experience
helping organizations improve their ability to make sense of their
current environment and assess the best courses of action for
success going forward. This includes helping establish competitive
intelligence and corporate intelligence capabilities. Our
special series on the Intelligent Enterprise highlights research
and reports that can accelerate any organization along their
journey to optimized intelligence. See:
Corporate Sensemaking
Artificial Intelligence Sensemaking: Take advantage of this
mega trend for competitive advantage
This page serves as a dynamic resource for OODA Network members
looking for Artificial Intelligence information to drive their
decision-making process. This includes a special guide for
executives seeking to make the most of AI in their enterprise. See:
Artificial
Intelligence Sensemaking
COVID-19 Sensemaking: What is next for business and
governments
From the very beginning of the pandemic we have focused on
research on what may come next and what to do about it today. This
section of the site captures the best of our reporting plus daily
daily intelligence as well as pointers to reputable information
from other sites. See: OODA COVID-19 Sensemaking
Page.
Space Sensemaking: What does your business need to know
now
A dynamic resource for OODA Network members looking for insights
into the current and future developments in Space, including a
special executive’s guide to space. See: Space
Sensemaking
Quantum Computing Sensemaking
OODA is one of the few independent research sources with
experience in due diligence on quantum computing and quantum
security companies and capabilities. Our practitioner’s lens on
insights ensures our research is grounded in reality. See: Quantum
Computing Sensemaking.
The OODAcast Video and Podcast Series
In 2020, we launched the OODAcast video and podcast series
designed to provide you with insightful analysis and intelligence
to inform your decision making process. We do this through a series
of expert interviews and topical videos highlighting global
technologies such as cybersecurity, AI, quantum computing along
with discussions on global risk and opportunity issues. See:
The OODAcast