The OODA Loop
Director Steve Southern takes a look at a decision cycle which could apply to cyber security
I'm a great believer in not re-inventing the wheel. We should sometimes look to seemingly unlikely sources for ideas about how to deal with increasing cyber security threats.
One such source is the OODA loop, proposed by Colonel John Boyd USAF. The OODA loop is a deceptively simple decision cycle of Observe, Orient, Decide, and Act.
Boyd developed the cycle for air combat operations, hypothesising that victory can be assured for whoever completes the OODA loop most quickly.
There is some great explanation of the OODA loop, and some excellent quotes from associates and colleagues of Colonel Boyd at http://en.wikipedia.org/wiki/OODA_loop. I particularly like the following quote:
“The key is to obscure your intentions and make them unpredictable to your opponent while you simultaneously clarify his intentions. That is, operate at a faster tempo to generate rapidly changing conditions that inhibit your opponent from adapting or reacting to those changes and that suppress or destroy his awareness. Thus, a hodgepodge of confusion and disorder occur to cause him to over- or under-react to conditions or activities that appear to be uncertain, ambiguous, or incomprehensible.”
The OODA loop has been adapted for use in other scenarios and can be compared to the ‘Plan, Do, Check, Act’ cycle published by the ISO - International Organization for Standardization. It seems obvious to me that it’s a model that can be transposed directly to cyber security where we must observe the threats, orient ourselves accordingly, take decisions, and act. We occasionally hear reports of nations developing offensive cyber warfare capabilities, and those that are had better take account of the OODA loop.