In this OODAcast, Chris Wysopal shares his insights from decades in cybersecurity, detailing his journey from the early hacking collective "The L0pht" to co-founding Veracode. Wysopal reflects on the evolution of cybersecurity, highlighting his early contributions to vulnerability research and advocating the importance of adversarial thinking in security practices. He emphasizes the transition from traditional vulnerability testing to comprehensive application risk management, recognizing the increased reliance on third-party software and the escalating complexity of securing modern applications.

Wysopal also discusses how generative AI technologies are significantly accelerating application development but simultaneously creating substantial security challenges. He stresses that while AI-generated applications multiply rapidly, their vulnerability density remains comparable to human-written code. To manage this growing risk, Wysopal underlines the necessity of integrating automated, AI-driven vulnerability remediation into the software development lifecycle.

Looking forward, Wysopal advocates for embedding security deeply within the application creation process, anticipating that AI will eventually assist in producing inherently secure software. However, he also underscores the enduring threat of social engineering attacks, urging enterprises to prioritize comprehensive security awareness programs to bolster their overall cybersecurity posture and resilience.

The conversation examines some very interesting correlations between the mindset of the great hackers and the success of great entrepreneurs. Both take a good bit of grit, an ability to focus and be creative and perhaps most importantly: Persistence.

Learn more about Chris Wysopal's approaches and the company he founded at Veracode. For insights into reducing your organization's attack surface see: State of Software Security 2025

In this episode of the OODAcast, Bob Gourley speaks with Ian Brown, retired Marine Corps officer and author of A New Conception of War, which explores the influence of John Boyd on the Marine Corps and the evolution of maneuver warfare. Ian shares insights from his 20-year career in the Marines, including his experiences as a CH-53 helicopter pilot, forward air controller, and operations officer at the Brute Krulak Center for Innovation and Future Warfare.

The conversation dives into the history and adaptability of the Marine Corps, Boyd’s impact on military strategy, and how maneuver warfare became central to Marine Corps doctrine. Ian discusses Boyd’s unique ability to synthesize knowledge from multiple disciplines, his contributions beyond the well-known OODA loop, and his lasting influence on competitive decision-making across military and business environments.

Ian also previews his next book project, which will compile full transcripts of Boyd’s recorded presentations, offering a deeper look into his strategic thinking. The discussion touches on leadership, decision-making, and the importance of adapting mental models for success—principles that apply beyond warfare to business, strategy, and national security. Whether you’re a military historian, strategist, or business leader, this episode provides valuable insights into the enduring relevance of Boyd’s ideas.

To get the book see: A New Conception of War

For a directory of all OODAcasts see: https://oodaloop.com/oodacasts/

In this OODAcast, Bob Gourley interviews Trevor Hilligoss from SpyCloud, diving into his career trajectory from the U.S. Army to cybercrime intelligence. Hilligoss shares his unconventional path, starting as a forward observer in the Army before transitioning to law enforcement and later working with the FBI’s Joint Ransomware Task Force. He explains how his investigative experience led him to SpyCloud, a company dedicated to collecting intelligence on cybercriminals and using it to prevent attacks.

The discussion highlights how cyber threats evolve and why proactive intelligence is crucial in countering criminal activities. Hilligoss explains SpyCloud’s unique role in cyber defense, which involves infiltrating underground forums and gathering stolen data to identify vulnerabilities before criminals can exploit them. He emphasizes the growing challenge of session hijacking, malware-driven credential theft, and the commoditization of cybercrime, where even low-skilled actors can execute sophisticated attacks using readily available tools. He underscores the importance of disrupting cybercriminals by exposing their identities and dismantling their infrastructure, rather than solely relying on traditional law enforcement methods.

The conversation also explores how enterprises, governments, and small businesses can leverage SpyCloud’s intelligence to protect their networks. The episode concludes with a discussion on fraud, particularly scams targeting elderly victims, and the need for stronger industry-wide defenses. Hilligoss expresses optimism about the future of cybersecurity, citing increased collaboration between public and private sectors and innovative disruption techniques, such as name-and-shame campaigns and cybercriminal takedowns. He encourages a mindset of making cybercrime as difficult and costly as possible for bad actors, reinforcing the importance of staying ahead of evolving threats.

For more on SpyCloud see: SpyCloud.com

In this episode of the OODAcast we turn the microphone over to Dr. Bilyana Lily, the world renowned cyber and geopolitical expert, who interviews OODA’s CEO and co-founder Matt Devost.

The session provides insights which can benefit any entrepreneur, board member, investor or cybersecurity practitioner. Bilyana reviews Matt’s journey from a small-town in Vermont to becoming a global leader in cybersecurity, counterterrorism, and risk management and then dives into Matt’s work founding groundbreaking companies like FusionX and the Terrorism Research Center, his insights into AI and cyber defense, and even his contributions to Hollywood films like Blackhat. Matt also explores the evolving hacker community, the future of augmented reality, and why exponential technological change will reshape our world. This is a must-watch for anyone interested in the nexus of technology, security, and innovation.

In this OODAcast, Bob Gourley interviews retired Admiral Mike Studeman, a leader with over 35 years of experience in operational intelligence and national security. Admiral Studeman shares his journey, from joining the Navy at the close of the Cold War to serving as the Director of Intelligence for Southern Command and Indo-Pacific Command, and ultimately as the Commander of the Office of Naval Intelligence. He offers deep insights into the evolving nature of intelligence, emphasizing the importance of operational intelligence in driving informed decision-making at all levels.

Admiral Studeman discusses key lessons from his career, the value of continual learning, and his perspective on leadership—highlighting the importance of proactive action, integrity, and inspiring others. He also explores challenges facing America today, including leadership crises and the strategic implications of global shifts, particularly with respect to China.

The discussion delves into his new book, Mind of the Chain: Forging Leaders of Iron Integrity, where he shares stories and reflections from his career, offering valuable advice to leaders at all stages of their journey. Admiral Studeman’s message is clear: effective leadership requires constant learning, discernment, and a commitment to shaping a better future.

For more see:

• MikeStudeman.com
• Might of the Chain: Forging Leaders of Iron Integrity

In this OODAcast, Matt interviews Dr. Bilyana Lilly who is an expert on Russian information warfare and geo-political risk. Bilyana is also the author of the book Russian Information Warfare and the novel Digital Mindhunters.

Dr. Lilly shares her fascinating origin story and how she emerged as one of the premiere experts on Russian information warfare and geopolitical dynamics. Bilyana has worked tracking international arms and weapons supply chains, conflict zones, and other geo-political dynamics in academia, the private sector, and at internationally renowned think tanks. She shares fascinating insights from her time attending a Russian military conference with top leaders, her activities tracking information warfare and influence campaigns and then the conversation shifts to current geo-political risks including the conflict in Ukraine and what we can expect by way of targeting during the upcoming US election cycle.

Official Bio:

Dr. Bilyana Lilly is the chair of the cyber track at the Warsaw Security Forum and an adjunct researcher at the RAND Corporation. Dr. Lilly helps clients to detect and respond to ransomware threats and information warfare activities. Bilyana led a team that developed a threat-based risk assessment framework to prioritize vulnerabilities in critical infrastructure which the U.S. Department of Homeland Security now uses in all 50 states. She is a speaker at DefCon, CyCon, Executive Women's Forum, and the author of two books and a dozen publications, translated in Russian and Chinese. Dr. Lilly has been cited in the Wall Street Journal, Foreign Policy, and ZDNet. She has been denounced by Russia’s Ministry of Foreign Affairs. Lilly has a Ph.D. from Pardee RAND Graduate School, and master’s degrees from Oxford University (distinction) in England and the Graduate Institute in Switzerland.

Additional Resources:

• Connect with Dr. Lilly on LinkedIn
• Russian Information Warfare: Assault on Democracies in the Cyber Wild West

In this episode of the OODAcast, Bob Gourley interviews Renee Wynn, former Chief Information Officer (CIO) of NASA.

Renee Wynn’s career trajectory is a testament to the unpredictable yet rewarding nature of professional journeys. Starting with a Bachelor of Arts in Economics from a liberal arts college, Renee navigated through various roles, ultimately becoming the CIO of NASA. She emphasizes the importance of focusing on capabilities rather than specific job titles, a mindset that allowed her to seize unexpected opportunities.

The Value of Liberal Arts in Technology

Renee underscores the significance of her liberal arts education in her professional life. Her studies honed her writing skills, critical thinking, and ability to organize arguments—skills essential for effective communication and policy defense in public service. This foundation proved invaluable in her roles at the Environmental Protection Agency (EPA) and NASA, where she often had to articulate complex technical concepts to diverse audiences.

Renee’s tenure at the EPA was marked by her passion for the agency’s mission—ensuring clean air, water, and safe land use. Her role evolved with the advent of computers, sparking her interest in how technology can enhance mission delivery. This experience laid the groundwork for her transition to NASA, where she faced the challenges of managing a vast and complex IT infrastructure supporting global and off-world operations.

At NASA, Renee encountered a culture of profound dedication and love for the agency’s mission. She detailed the complexities of NASA’s operations, which include managing data from global and space-based sources. A significant part of her role involved ensuring the cybersecurity of these operations, particularly the International Space Station, where a cyber incident could have international repercussions.

Renee highlights the innovative integration of art and science in NASA’s projects. For instance, the James Webb Space Telescope’s sun shields, inspired by origami, demonstrate how artistic concepts can solve engineering challenges. This convergence of disciplines not only facilitates technical advancements but also fosters creativity and out-of-the-box thinking.

The conversation delves into the burgeoning space economy, where new opportunities such as space mining, in-orbit servicing, and space tourism are emerging. Renee points out the dual nature of these advancements—each new capability also presents potential risks, particularly in cybersecurity and ethical considerations.

Since retiring, Renee has embraced a portfolio career, serving on corporate and advisory boards, consulting, and engaging in public speaking. Her diverse roles keep her connected to cutting-edge technology and allow her to contribute her expertise to various sectors, including marketing and nonprofit organizations.

Renee Wynn’s journey from a liberal arts graduate to the CIO of NASA exemplifies the profound impact of a well-rounded education on a career in technology. Her insights into the integration of liberal arts and technical disciplines highlight the value of diverse perspectives in solving complex problems. As the space economy continues to evolve, her experiences and foresight offer valuable lessons for the future of technology and exploration.

Connect with Renee Wynn on LinkedIn