This week, we are proud to present part 2 of a two-part thought leadership paper on the OODA Loop and how it may be successfully applied to cybersecurity. Cliff Kittle, a retired Marine Corps Captain who knows a thing or two about war-time decision making, does a great job of simplifying the ideas behind OODA and why each component is important and must work with the others to be effective.
Mental Models can be general and abstract or specific and concrete. It behooves an organization to have both types in their inventory. Both types are built on a war mindset that enables a strategy framework for high tempo decision making relative to any security event. The foundation of a war mindset is built with the understanding that there will be operating environment events beyond the organization’s control. What can be controlled is the organization’s security position relative to the uncontrolled event. The decisions made to change a security position have the greatest opportunity for success if the correct mental model is used in the execution of the chosen strategy. In that context, then, the ability to identify elements of previous mental models that can be extracted and implemented in the mental model created for responding to this new threat is vital.
Building a robust toolbox of mental models to add to the current latticework of the existing mindset is valuable in enabling the security team to overcome the “Man with a Hammer” syndrome that is so common