OODA and Cybersecurity

The OODA Loop

U.S. Air Force Colonel John Boyd created the concept of the OODA loop to aid in the development of military strategy. By rapidly observing and analyzing an adversary’s behaviors, Col. Boyd believed that a strategist using the OODA decision-making process could gain an advantage. Accepting the chaos associated with rapid analysis and working more rapidly than the opponent allows a decision-maker to appear unpredictable and cause chaos in the adversary’s decision-making.

The OODA loop is a four-stage process for decision-making: observe, orient, decide and act. A strategist should cycle through these phases often and rapidly as part of their analysis and decision-making process.

Observe

The first stage of the OODA loop is focused on gathering information about the environment, the adversary and the decision-maker.

The goal of OODA is to allow the decision-maker to make and act upon rapid decisions and create chaos in the mind of their adversary by hiding their intentions and appearing to be unpredictable. The need for speed in decision-making means that the analyst does not have the time to collect and analyze all possible information about the situation, their adversary and their possible actions and outcomes. To effectively operate within the context of an OODA loop, an analyst needs to learn to identify the most important pieces of information to collect, do so rapidly and move on to the next stage.

Orient

In a presentation about the OODA loop, John Boyd stated that Orientation was the most important part of the process:

The second O, orientation—as the repository of our genetic heritage, cultural tradition, and previous experiences—is the most important part of the O-O-D-A loop since it shapes the way we observe, the way we decide, the way we act.

In the Orientation phase of the OODA loop, an analyst uses

*** This is a Security Bloggers Network syndicated blog from InfoSec Resources authored by Howard Poston. Read the original post at: http://feedproxy.google.com/~r/infosecResources/~3/_JZl6iI1suI/