“The invention of the ship was also the invention of the shipwreck.” – Paul Virilio

OODA’s consulting services take advantage of our deep domain expertise and experience in countering advanced threats and developing strategies and frameworks for improving your organizational security posture.  An approach that balances risk and opportunity to unlock the benefits of new technologies and networks while appropriately and responsibly managing enterprise risk.  Our team has decades of direct cybersecurity experience including executive management or founding roles at companies like Accenture, FusionX, iDefense, iSIGHT Partners, Defense Intelligence Agency, and Northrop Grumman.

Board of Directors Cyber Advisory Services

OODA offers dedicated board cybersecurity services designed to help Directors understand and manage the complexities of cyber risk.  Our advisory team is comprised of only senior executives who have deep domain expertise combined with executive management functions such as serving on Boards of Directors or managing cyber risk as CEOs, CTOs, and CISOs.  We help bridge the gap between Boards and their internal security management teams. (Learn More)

EVALU8 Risk Assessment

OODA has designed a comprehensive risk assessment framework to help identify and manage enterprise risks.  Comprised of 8 core components, this framework can be used as a holistic tool or as individual/combined components to address specific organizational needs.  For more information on the EVALU8 framework, please contact us.

Advanced Red Teaming

OODA can field Adaptive Red Teams to test for vulnerability to a wide-array of adversaries tactics and techniques or to explore the benefits of possible courses of action from a competitor’s viewpoint.

From an intelligence perspective our Red Team methodology can provide alternative viewpoints, challenge common assumptions, and anticipate unintended consequences of events and actions.

Our Red Team has assessed critical infrastructure vulnerability to terrorist attack, U.S. military strategy, economic impact of global events, and regional stability issues allowing decision makers to implement adaptive strategies to overcome risk and anticipate and exploit opportunity.

CXO as a Service

For organizations looking for deep security expertise to work with senior leadership to establish or manage their security program, we provide a CISO-as-a-Service model to help augment your team and bolster your cyber security.  All of our CISOs have over 15 years of direct cybersecurity management experience and can bring best-practice approaches to your organization. Service can include on-site support or a Virtual CISO (VCISO) model with a majority of the support provided remotely.

Our model also provides highly qualified, experienced Chief Technology Officer (CTO) and Chief Information Officer (CIO) leadership on your staff to manage and lead your technology partners, developers, engineers and IT support. We offer part-time, full-time, retained and hourly services.

Crisis & Incident Response Support

Our team has been responding to cyber and conventional incidents perpetrated by criminals, nation states, and other threat actors for over two decades. Whether you are a high-net worth individual suffering from financial fraud or a Fortune 500 company being targeted with state-sponsored espionage, our team has the requisite experience and expertise to help you manage, investigate, and respond to the incident or attack.

TURING Integrity Assessment

Over the next decade, we will see a rapid adoption of artificial intelligence and machine learning technologies as organizations seek to utilize those technologies to advance growth and capitalize on the ubiquitous sources of data captured inside and outside their enterprise.

It is important that these technologies are developed and implemented in the most secure manner possible.  OODA offers an AI and machine learning specific service offering that engages the best cybersecurity testers and data scientists to:

  • Identify technical vulnerabilities in the technology and supporting infrastructure that could be exploited by malicious attackers and work with you to mitigate your AI attack surface.
  • Ensure that algorithms and machine learning code deployed is not susceptible to algorithmic bias that could introduce risk or reduce opportunity for the business.
  • Validate training models and training data to align them with expected outcomes of the algorithms being deployed.
  • Identify non-security pathways that might be exploited by attackers to influence algorithms towards particular behaviors or non-optimal outcomes.