OODAcast Matt Devost & Bob Gourley

In this episode of OODAcast, Megan Jaffer joins the conversation to discuss her journey in the intelligence community and the creation of Iron Butterfly Media Group. Megan also discusses the expansion of Iron Butterfly Media, including new podcast series and a documentary on women in intelligence.
Megan shares her background, including her studies in international relations and her experiences in South Korea. She highlights the origins of the Iron Butterfly podcast, which began as a small project during COVID-19 and has grown significantly, becoming influential in both academia and intelligence agencies. The Iron Butterfly podcast aims to share stories of women in the intelligence community, documenting their contributions and leadership.
Throughout the podcast, Megan has shared numerous impactful stories. For instance, Carmen Medina’s insights on leadership, emphasizing the importance of avoiding humiliation in interactions, and Maria Whitcup’s emotional recount of engaging with a murderer, highlighting the necessity of understanding even the darkest aspects of human behavior.
Future Endeavors
Looking ahead, Iron Butterfly Media is expanding. The team has grown, and the podcast has moved to video format. They are also launching a new podcast, “Women in the Arena,” focusing on military women. Moreover, they are in post-production for a documentary on women in the intelligence community, aiming for completion by the end of the year.
Building a Supportive Community
In addition to the media group, Megan has founded the Iron Butterfly Foundation. This 501c3 organization aims to provide resources and support for women to develop and execute their ideas, fostering a community of creators.
Megan Jaffer’s journey is a testament to the power of determination, networking, and passion. Her work through the Iron Butterfly podcast and foundation continues to inspire and support women in the intelligence community, ensuring their stories and contributions are recognized and remembered.
For more insights and to support Iron Butterfly Media, visit their website and follow them on LinkedIn and Instagram.
Related Reading:
Technology Convergence and Market Disruption: Rapid advancements in technology are changing market dynamics and user expectations. See: Disruptive and Exponential Technologies.
Corporate Board Accountability for Cyber Risks: With a combination of market forces, regulatory changes, and strategic shifts, corporate boards and their directors are now accountable for cyber risks in their firms. See: Corporate Directors and Risk
Geopolitical-Cyber Risk Nexus: The interconnectivity brought by the Internet has made regional issues affect global cyberspace. Now, every significant event has cyber implications, making it imperative for leaders to recognize and act upon the symbiosis between geopolitical and cyber risks. See The Cyber Threat
Challenges in Cyber “Net Assessment”: While leaders have long tried to gauge both cyber risk and security, actionable metrics remain elusive. Current metrics mainly determine if a system can be compromised, without guaranteeing its invulnerability. It’s imperative not just to develop action plans against risks but to contextualize the state of cybersecurity concerning cyber threats. Despite its importance, achieving a reliable net assessment is increasingly challenging due to the pervasive nature of modern technology. See: Cyber Threat

In this episode of OODAcast, Bob Gourley interviews Laura Thomas, a deep tech consultant and former CIA officer. Laura discusses her journey from a small town in North Carolina to a career in the CIA, where she served as a case officer. She emphasizes the importance of critical thinking and decision-making under uncertainty, and how these skills have translated to her work in deep tech.
Laura also highlights the potential of quantum computing and fusion energy, stressing the need for innovation and strategic investment in these transformative technologies.
Laura’s refreshing comments underscore why healthy debate is absolutely critical to good organizational decisions. She says “Disagree with me, I want to hear it, and don’t hold back!”
She provides some frameworks that can help leaders seeking to assess the dynamic geopolitical world we live in today. Her advice: “Zoom out.” Look at the bigger picture. And think through multiple scenarios. She is a huge fan of scenario planning.
Anyone who claims they know the future, she says, is likely a charlatan. Be very careful when you hear someone trying to tell you they know exactly what comes next.
We talk about Deep Tech.
Laura publishes online at Lauraethomas.com. Her writings there include expert insights into topics like how to engage technical experts at US national labs, agencies and academia to land your next role, things to know about national security deep tech, unique insights into transitioning to the private sector, and fact based observations on espionage and sex.
Find Laura on linkedin at: Laura Thomas

Allan Friedman is a senior strategist at CISA (the Cyber Security and Infrastructure Security Agency) where he coordinates all of their cross-sector activities on the topic of SBOM: The Software Bill of Materials.

Allan is widely known as a change agent in both the public and private sector. In government he led initiatives that created positive change in major community-wide initiatives around vulnerability disclosure and vulnerability management. He also championed efforts that made dramatic improvements in the ability to reduce risk due to the proliferation of Internet of Things devices including championing ways to keep these devices patched in the field. Now at CISA his SBOM efforts have produced action across a sector that few other initiatives have.

We discuss:

- What executive leaders need to know about SBOM and how to explain its benefits to any non-technical executive.

- How a small team can establish a vision and make change across government, industry and academia.

- What new initiatives may be coming that will support needs of the security and technology communities.

Related Reading:

Technology Convergence and Market Disruption: Rapid advancements in technology are changing market dynamics and user expectations. See: Disruptive and Exponential Technologies.

Corporate Board Accountability for Cyber Risks: With a combination of market forces, regulatory changes, and strategic shifts, corporate boards and their directors are now accountable for cyber risks in their firms. See: Corporate Directors and Risk

Geopolitical-Cyber Risk Nexus: The interconnectivity brought by the Internet has made regional issues affect global cyberspace. Now, every significant event has cyber implications, making it imperative for leaders to recognize and act upon the symbiosis between geopolitical and cyber risks. See The Cyber Threat

Challenges in Cyber “Net Assessment”: While leaders have long tried to gauge both cyber risk and security, actionable metrics remain elusive. Current metrics mainly determine if a system can be compromised, without guaranteeing its invulnerability. It’s imperative not just to develop action plans against risks but to contextualize the state of cybersecurity concerning cyber threats. Despite its importance, achieving a reliable net assessment is increasingly challenging due to the pervasive nature of modern technology. See: Cyber Threat

Joe Sullivan has been at the forefront of managing security risk in rapidly growing high tech companies over the past 20 years serving as the Chief Security Officer at Facebook from early start-up through the IPO, CSO of Uber and CloudFlare, and as a security leader at eBay/PayPal. Joe was also involved in a landmark legal case for a breach at Uber which resulted in a criminal conviction that serves as a precedent for executive liability in cybersecurity going forward.
In this OODAcast we discuss:

Joe's early career and how he got interested and involved in technology and started his career as a federal prosecutor focused on cyber crime. The transition into serving as a technology company CSO and his experiences at eBay/PayPal, Facebook, Uber and Cloudflare. Lessons learned from building and managing highly functional security teams in dynamic environments. Frameworks for managing risk at companies like Facebook and Uber. His experiences being prosecuted and convicted surrounding circumstances associated with a 2016 incident at Uber. How the courts will handle future cases like this and the associated liability for C-suite executives. His current work focused on supplying technology for remote learning to displaced children in Ukraine.
Official Bio:
Joe Sullivan is CEO of Ukraine Friends and President of Joe Sullivan Security LLC. Previously, Joe had served as the Chief Security Officer of Cloudflare since July (2018 - 2022). Prior to that, Joe was employed as Chief Security Officer at both Uber (2015 - 2017) and Facebook (2008 - 2015). His first private sector experience was in senior security and legal roles at eBay and PayPal (2002 - 2008). He also held the position of Commissioner for the United States Presidential Commission on Enhancing National Cybersecurity in 2016 and spent the first eight years of his career with the US Department of Justice, including as a federal prosecutor focused on cyber crime. Joe also advises a number of companies on security practices and mentors a number of developing security leaders.

Recommended Books:

Russia: Revolution and Civil War, 1917-1921

Beneath A Scarlet Sky

Joe Tranquillo is a Professor of Biomedical Engineering at Bucknell University and a provost at the school.
He is also and author and speaker with a knack for helping make new and at times complex subjects understandable. In this OODAcast we discuss many aspects of the revolution in biological sciences with Joe including topics like:
New ways of delivering medicines that target specific tissues Discovery of the structure of almost every human protein Methods to synthesize biomolecules, which can result in ways to manufacture a wide range of materials like therapeutics, flavors, fabrics, food, fuels. New ways of growing food that are more productive and take fewer pesticides and fertilizers. We also discuss the concept of complex systems and lessons from complex systems theory that apply not only to biological sciences and engineering but to many complex human activities and creations. We examine ways leaders can improve their ability to think in terms of complex systems, ways that technologists can use systems thinking to better communicate with non-technical people, and insights for executives on where the revolution in biological sciences is taking us.

Charles Clancy has successfully led technology efforts in government, industry, academia and continues to lead and innovate in his current position as Senior Vice President and GM of MITRE Labs. He is MITRE's Chief Futurist. His role in technology leadership and his tracking of tech across multiple domains made for an incredibly insightful OODAcast.

We review Charles' insights into:

Quantum Computing Quantum Security Artificial Intelligence Microelectronics and Friendshoring/Reshoring The March 2023 National Strategy for Cybersecurity Governance in the age of ubiquitous computing What corporate boards should know about technology and cybersecurity governance