Matthew Devost is the CEO and co-founder of OODA LLC, a strategic consulting firm that helps clients identify, manage, and respond to global risks, uncertainties, and emerging opportunities. We talk about hack-thinking, the OODA loop decision-making framework, and the predominant cyber security threats targeting small to medium-sized businesses. ood
—
Listen to the podcast here
Hack Think Yourself to Success with Matthew Devost
Our guest is Matthew Devost, the CEO and co-founder of OODA LLC, a strategic consulting firm that helps clients identify, develop strategies to respond to global risks, uncertainties and emerging opportunities. Matt’s company also operates a portal called Oodaloop.com that provides actionable intelligence, analysis, and insight on global security, technology, and business issues. Welcome to the show, Matt.
Thank you for having me. Looking forward to the conversation.
I’m excited to have you. And my first question is about your journey. If you could just give us a short overview of how someone becomes the CEO of a global security risk cyber strategic consulting firm. What is the entrepreneurial journey that gets you there?
You know, as you can imagine over 30 years, it’s a long story, but I’ll give you the truncated version. I really was one of the first people, while I was still a student, to recognize that cybersecurity was an emerging risk and that it was not just a risk that was impacting computer systems and computer software, but that it had real national security and real business implications. So I started focusing my career on that. I like to say that I helped create the cybersecurity wave and then was able to surf it.
So I was at the forefront of defining the problem and the need and what needed to be done, and then went into business to actually help solve those problems. My first job was actually for a big consulting company, but I was working almost exclusively for the US Department of Defense and Intel community, and I got to create and build the first ever US Department of Defense red team that had the legal authority to go after any systems classified or unclassified anywhere in the world, and then parlayed that into building what was a coalition red team, where not only did we target U.S. systems, but we targeted Canadian, Australian, New Zealand, U.K., and U.S. systems.
So I was doing that work, but because I was kind of a dual-hatted political scientist with a computer science background, I also understood the national security elements of this. So I could really contextualize what cybersecurity meant from a national security perspective. And I got pulled in on working for a presidential commission that was trying to frame the issue. And that commission ended up resulting in a presidential decision directive.
And one of those things in the decision directive was that the US should start what were called information sharing and analysis centers. These were hubs that were going to be between the US government and the private sector to share cyber threat intel. And sitting down with some colleagues, I actually had an aha moment with them where we said, well, if there’s demand for this service, why wait for the government to do it? Let’s do it in the private sector first.
And that was kind of my launch, from a real entrepreneurial perspective where I quit my good paying job at this big consulting company, contracting company to go and work on this startup and we ended up creating iDefense, which is the first ever cyber threat intelligence company in what is now a very robust market. Use that as a catalyst of entrepreneurship over many years. I created an entity called the Terrorism Research Center that I ran for over a decade that despite the name did a lot more than just counter terrorism related stuff.
And then most recently had built a company called Fusion X that was high-end red teaming and incident response entity that I sold to Accenture and became the managing director in charge of Accenture’s global cyber defense practice. Leaving Accenture, I did a brief stint helping set up a big acquisition fund, a global holding company around AI and machine learning, and then decided to launch OODA to focus not only on cybersecurity threats but to focus on support to decision-makers in complex environments.
Okay. That’s a lot to take in.
I gave you the short version.
That was the short version. The question that comes to my mind is that, when the government is working with an expert like you who knows how to, you know, how to handle cyber security, how to, you know, what are the threats out there? You’ve got this pool of knowledge of how to mitigate these threats. Why do they ever let people like you go and run your own thing? If I was the government, I would want to keep hold of people like you and basically give you everything that you need so that you do it for the country rather than for the private sector.
And there still are a lot of great people that are working in the public sector for U.S. government and other governments. I think especially back then when you’re talking 22 years ago, the retention strategies around technical personnel, even some of the culture fit around technical personnel. For me as a hacker, they never wanted me going to the Pentagon without wearing a suit, right? So they’re just these kind of natural environmental variables that I think we’ve overcome these days and entities like the NSA have embraced that culture.
People can show up in jeans and t-shirts and kind of look how they want as long as they’re doing good work. So it does highlight though a real issue and that especially as it relates to cybersecurity, we have this talent gap that exists. In the private sector, there are jobs that are not filled. They pay better, you know, typically have better benefits than the jobs in the public sector, and the public sector has jobs that aren’t filled. So, you know, we have this challenge over the next decade to make sure that we can train the next generation of the workforce that’s able to engage on these issues at both the public and the private sector.
That’s a big concern. I think about sometimes that how to make sure that we are better than China, better than Russia and have a better, better personnel. But we want to solve this on that podcast. I guess this issue. And so before I ask you about the management blueprint piece, because you mentioned this word hacking. I’d like you to tell me what hacking is in your definition. And then the other question is, what is the difference between hacking and ethical hacking? Is it just which side of defense you are, or there is a real differentiation there?
So I’m a bit of a purist in that I don’t ever use the term hacker in the negative connotation. I mean, the term originally originated out of MIT and was used to describe groups of scientists and educators and students that were very interested in dissecting very complex problems, technologies, putting them back together or reassembling them in different ways to solve different problems. So it really was about intellectual curiosity and applying that almost kind of like a creative destruction mindset to how we approach technology.
If you think about it, for most people, technology is something that is provided to you and you are the user and you operate within the bounds of what that technology can do. A hacker looks at the technology and says, how can I change this? How can I modify it? How can I adapt it to do things that it wasn’t intended to do or make the technology better? So from that perspective, I always use the term hacker in that positive connotation. We have the negative connotation, which is used to describe criminal computer intrusion.
I like to just refer to them as cyber attackers, et cetera. So in the context of your question, really it’s about the intent. The techniques are going to be very similar. What I will do or what my team will do in penetrating a system as an ethical hacker is very similar to what a criminal hacker will do, with the exception of we’re not out for criminal motive. We’re not trying to steal money.
We’re trying to help you improve your systems. Whereas the criminals or the nation state have some sort of ulterior motive. The criminals want to make money. The nation states want to steal secrets. So really it is about the more about the intent of the attack than really the capabilities that get deployed. We’re all using a lot of the same mindset and a lot of the same skill set just for different intent.
Okay. So I’d really like to dig in a little bit deeper about what you do and the cyber issues and the techniques that you use. But before we go there, I’d like to address the topic that is at the heart of this podcast, which is management blueprints. Frameworks that you use to implement in your company or books that you read that inspired you and which taught you some techniques, approaches that you implemented in building Ooda and your previous business that you exited. Can you tell us a little bit about any such blueprint?
I think for me, part of the blueprint was an iterative lesson learned, right? I’ve been an entrepreneur for over 20 years and I made mistakes and I adapted to those mistakes. I think that the first blueprint is to recognize that there is some value in failure associated with success and recognizing that you’re gonna make mistakes and not to beat yourself up over it. The other piece that I learned really is around building businesses with a high level of entrepreneurial focus, making sure that you understand exactly what market that you’re getting into, what markets you’re not getting into. This is especially a concern in consultancies.
Recognize there is some value in failure associated with success and recognizing that you're gonna make mistakes and not to beat yourself up over it. Share on XAnd I had this issue with the Terrorism Research Center. You know, somebody called us, we did anything that they asked and that created a very interesting business, but it was a very kind of dilutive business. It was hard for people to understand how to value it because we had a training division, we had a subscription business, we had a consulting service, and it was just kind of this overly complex aspect of it. So I think entrepreneurial focus is good.
When I got to FusionX, I had a very narrow focus around the problem that we were going to solve and the services that we were going to offer and that we were going to be the best in the world and bring this different perspective. And then once you understand that, then it becomes incredibly valuable to build a team. I have always said that I felt like my biggest skill set as an entrepreneur was the ability to identify, recruit and retain talent, create a culture and an environment that they want to work in that is kind of a, you know, gives them an opportunity to thrive and then the company success kind of gets is carried along or is codependent on that.
So for me, you know, entrepreneurial focus and team building are kind of the two really key tenets for how I view business today. The legal, the HR, you know, all that stuff kind of falls into play. That becomes very kind of systematic. With OODA, we had a little bit more of a different design in that we recognized that we had just in the name itself with OODA, which stands for Observe, Orient, Decide, Act, it’s a decision loop. what we wanted to do was build a service that would enable other companies to have a more efficient, more informed decision loop.
So our real focus was let’s design a consultancy around helping other people make more informed decisions, faster, think creatively, thinking without constraints. And I know we’ll talk a little bit about kind of hack think and the approach there. But it was interesting for Ooda in that even just in the name of the company, we brought a framework with regards to this Ooda loop, which you are observing, which are the facts that you understand about the world.
Our real focus was let's design a consultancy around helping other people make more informed decisions, faster, think creatively, thinking without constraints. Share on XSo A, you have things that are coming into you organically, just based on the nature of the company that you’re running. You might have access to other information, whether it’s in the media or partners or services that you subscribe to. The orientation, which is kind of one of the more complex elements is deciphering all of these facts and these knowledge and data points that you have into something that’s meaningful for your business and then making an informed decision around that.
And then of course, executing, executing is key. You know, we talk about inspiration. There’s a great quote from Eric Haney, a former Delta Force operator that says, planning is everything. And for those that execute, maybe it is, or those that never execute, maybe it is, right? You have to reach that execution phase. So a lot of our focus is we bring a framework in of itself to our clients to help them operate in a very complex world with a lot of variables, a lot of threat actors, a lot of risks, but then also a lot of opportunity, right? Wherever there’s risk, there’s opportunity. And that is kind of the nature of the service. So it’s a little bit of a different beast this time around.
So, what you talked about inspiration, remind me of the Edison quote that success is 1% inspiration and 99% perspiration.
There is a lot of hard work, right? And, if you have that focus and you’re doing work that’s meaningful, I think that’s also been another differentiator for me, is that the teams I’ve been able to recruit have been around doing work that is not only financially lucrative, we’re building a great business and being entrepreneurial, but there’s an incredible amount of value. You’re helping a bank not get robbed by Russian cyber criminals. You’re helping protect intellectual property. You’re helping the US Department of Defense, right? So we’ve had this aspect of our business in which you’re actually helping solve these problems and preventing bad things from happening. And it’s nice to be able to energize a team around that type of mission.
No, definitely. I love that the mission and I like the concept of OODA. So observe, basically, basically pay attention, find those risks, find those opportunities, and then figure out how to use the information and then make a decision and execute, take action. That’s a really cool concept. And is this the major concept that you’re consulting around? So is this the expertise that you bring to the table when you work with clients?
It is, that’s primarily it. You know, and I wanna make sure I highlight that we didn’t come up with the OODA loop. It was actually first invented by a colonel named John Boyd. So when we talk about inspiration, Boyd’s OODA loop obviously was the foundation for what we’re doing. It just turns out that Boyd originally applied it to fighter pilot flying. I mean, he was a fighter pilot jet that was undefeated and was infamous for being able to defeat his adversaries even in a top gun type training exercises within 40 seconds.
And that attracted the attention of the Department of Defense and they brought him back to DC and said, you know, what is it that makes you tick? And he came up with this concept of OODA, right, that he has a decision loop and that he’s executing it faster than his adversary. So we’ve naturally, you know, over time have applied that concept into business, into cybersecurity and technology development. You know, it serves as a great decision-making framework. So overall, what we’re trying to do is help inform our clients’ OODA loop.
We use other mechanisms for helping to do that, right? I mean, OODA is a model in which making decisions, but then you have to ferret out other ways around how do you collect the information and the observables? How do you develop good frameworks for how to orient? You know, how do you create or engage in scenario planning for gaming out different types of decisions and the associated impacts? So we bring a broader framework of, you know, kind of thinking that we apply to helping them, UTA as the master concept, but then there are sub concepts within that that we bring to our clients to help them with.
Okay, so that’s very interesting. So can we dig a little bit deeper there. I’m especially interested in the Orient, the second letter in the acronym Orient. So what are the kind of thinking tools that you use to be able to orient to be able to synthesize and use the information that you observed. So, you can create the raw material for good decisions.
The overall arching framework that we use is something I call hack think. And that really is kind of my recognition that when we think about, you know, we just talked about the definition of a hacker. When we think about hacking or hackers, even with that positive connotation, we tend to try and constrain it into thinking only about cybersecurity, when in reality, that way of thinking is very valuable to lots of other ways to kind of inform yourself about the world from a red teaming perspective, right?
Understanding what your adversary, and in this framework I’m using adversary and it could mean that we’re talking about, you know, a criminal or it could be that we’re talking about a competitor, right? So you can replace adversary with competitor. What are some actions that your competitor is going to engage in? How do they view the market? If there was somebody who’s, you know, sole purpose was to make sure that you’re out of business in five years. What actions would they need to be taking now to disrupt your business or disrupt your markets, right? Purely legal, ethical, kind of pure competition type environments.
So we bring these different elements of hack think into play. So one being the red teaming, turning the map, see yourself as the competitor sees you. We do what we call kind of a time deferred thinking, or you know, you think of a potential outcome. And then if you assume that that outcome is a reality, you go back in time and figure out what do you need to do today in order to set the framework for that outcome to happen. So there’s different sub elements that we’ll use to help our customers kind of think through, because a lot of the decisions that they’re making are about the future, right? There’s the real-time mitigation crisis response, right?
We can definitely help with that. I have an attacker that’s coming after me in the cyber domain. How do I mitigate it? I’m having a real geopolitical issue with a particular country where I have business operations. How do I mitigate that? We can certainly help with that kind of crisis piece, but the highest value is about making decisions about the future. And that’s where some of these sub frameworks around the orientation with the hack think start to come into play.
So, is the hack think kind of an umbrella concept under which you have the red teaming concept, the time shifted thinking concept?
Yeah, it definitely is. Yep, and we’ll do, you know, we have other elements of that. One we refer to as kind of chaos thinking, where you just kind of introduce a lot of random noise into the process as well. When you think about kind of classic scenarios or wargaming of things that are called injects and typically the injects are things that tend to make sense or they play out a particular you know scenario planning path.
We will do some where we will call kind of chaos injects you know where are things about the world that are I don’t want to call them black swans but are maybe unanticipated events or unanticipated things that are going to happen. What is the impact there. We’ll do some where we say it’s, we’ll call it signal thinking, where we’re looking at only signals that are collected from outside your environment.
So what is the rest of the world saying? How is the rest of the world behaving? Right, to try and help them remove that kind of internal decision bias. Now, obviously you don’t want to base your decision only based on external signals, but it can be really helpful for people to get an orientation that helps them, you know, better understand the world in a broader context or the market in a broader context if they are absorbing only signals that originate from outside the organization.
So we have all of these different kind of sub-elements that we apply depending on what type of decision it is. Are we talking about developing a new technology? Are we talking about developing in an emerging market? Are we talking about maintaining the competitive status in a particular market? Are we talking about the creation of a completely new category of technologies, quantum computing or real general artificial intelligence? So there are different frameworks that we can apply depending on the problem set that we’re looking at.
That’s fascinating. And so what you talk about on your website is that it’s both risk and also opportunities as well. So is the approach the same for both? Is it just by observing and orienting and interpreting, interpreting the environment and the signals. Is it the same process to stumble upon the opportunities as the risk or it requires a different mindset because it’s more of an expansive mindset, when you’re looking at opportunities.
I’m actually surprised over time, obviously, there’s some slight variations. But I’m surprised over time and how much they converge, you know, based on how you have to think about it. And again. I think you need to separate out a neat term risk or threat, you know, something that is happening now versus something that is an overall risk, right? A change in the world that happens that impacts you or a change in the market that happens that impacts you. But the opportunity space is also thinking about that similarly, right?
So thinking about how is the world changing or the market changing and what opportunities are there. And then there’s also inherent opportunity in being able to appropriately manage risks. This is an area where I spend a lot of my time, where you have companies who seem almost overwhelmed by the risks that the organization faces, and it creates almost a little bit of paralysis. This is especially true around cyber risk.
If you look at the budgets that people are spending on managing cyber risk, if you look at the attacks that are still happening, and it can almost be freeing to come in and help them step through the process of understanding, okay, cyber risk is a business risk that you manage like other risks, right? The first step is acknowledging that, that this is not different. You are an entrepreneur, you’re a business person, even if you’re a country, that you’re used to managing risks and we have frameworks for managing them.
The second piece of that is understanding, helping them think through what is a catastrophic or consequential attack? What is something that’s going to be meaningfully impactful to you? Attacks are going to happen. Things are going to happen. You can’t prevent all risks. Understanding which ones you absolutely have to prevent because it would sink your business, that’s where we need to focus. And then once they recognize that, you say, okay, well, what piece of the business or what part of your technology environment is associated with those consequential or catastrophic risks. And then let’s build a protection strategy around that first.
And then let’s build up from there. So even just bringing people in and getting them to understand that there’s a framework that they can apply for how they think about cyber risk. And that is not a bottomless budget that they need to expend money on, frees them up in the market, right? It allows them to go and pursue other opportunities. It allows them to adequately manage the risk. So there’s a lot of benefits even just in understanding and building a framework for how you manage risk that opens up opportunities as well. And the last would be that if you’ve got that risk appropriately managed, it can become a differentiator in the market, right?
So now all of a sudden I’ve gone from, if we stick with the cyber risk example, something that was impactful to me, I was spending a lot of budget on, I didn’t really have a plan around how to manage it. I felt like I was overspending and going to these conferences and buying one of every technology that I saw on the show floor. And now you say, oh, I have a plan. I understand what risks are there, what threatened actors are looking to expose them, what weaknesses were there, how I put controls in for those weaknesses. Now I can go to market with that as a competitive differentiator because I have an advantage over other entities that are out there, maybe operating in the same space.
It’s interesting that you talk about managing the risk and understanding the risk, because my experience is also that the biggest problem with risk is the uncertainty. And when people think of the risk as an overwhelming uncertainty, it paralyzes them. But if they think through the different scenarios, what’s the worst case scenario. What’s the contingency plan that we could actually the worst case scenario it kind of puts things in perspective and says okay, even the worst case scenario we could survive this but this is the likelihood of that is really low.
But the fact that we can survive that comforts us and releases the energy to do a baby take real you can see this as taking risk but just living with the risk and still moving forward. So going on this OODA loop first, so observe, orient, so discuss, observe, orient, decision and action. Do you still take part of in the decision and the action as well? Or you basically just help them figure out what are the scenario? How could they manage it, what are the solutions, what is the noise, and then you just give them the tools to take the decision and the action themselves.
The biggest problem with risk is the uncertainty. When people think of the risk as an overwhelming uncertainty, it paralyzes them. Share on XYeah, we’re helping them through the decision process. Right. But if you’re an executive at a firm, the decision rests with them. So it’s not that we’re making a decision for them. What we are doing is making sure that they are making the most informed decision that they can make or increasing the pace of the decision making process, right? Sometimes what we encounter is that the decision-making process is just too slow and we have to build some accelerators so that they get to the decisions that they need to make, but that they get there quicker, or they become accepting of not having all data or acting on the data that they have or, you know, developing realistic scenarios around the variables that they currently understand.
We saw that, you know, in particular with COVID, I was doing a lot of advising, even at the state government level, on just helping people step through a more rapid decision-making process, right? It was, we got stuck in this trap of saying, well, I’m gonna wait for more data tomorrow and more data the next day. And we were trying to coach people to say, okay, based on the data that you have right now, make a decision and what would that decision be? And then if you get X data tomorrow or X data next week, how would it impact that decision?
And they slowly start to realize that the decision was right there in front of them, you know, except they just kept deferring it because they were waiting for more data, but the decision was there to be made. So we will get them to that decision element, right, where that option to make the decision to act or to not act or to enter into a market or to start a new technology, we will help them get there. The execution primarily is on their part.
And we do do some hands-on consulting where we will help from an execution perspective around what needs to happen in the market. Maybe it’s helping prototype or build out a new technology, or maybe it’s around remediating a real cyber risk where they need some operational help. But for the most part, that’s an internalized, you know, for a majority of our clients, we’re getting them to the decision and then the act is on their part.
And then the key element of this, you know, that obviously makes it a little bit sticky for us as consultants is that OODA is not a standalone concept. It’s called an OODA loop. It’s an iterative process. You have to be collecting those observables that are going to impact how you execute over time, right? So it’s building out as something that is a cyclical process where you don’t just have a set decision, you build some adaptability and some agility into the plan that you’re executing as well to account for changes, new variables, new things emerging.
OODA is not a standalone concept. It's called an OODA loop. It's an iterative process. You have to be collecting those observables that are going to impact how you execute over time. Share on XSo, I get that. It becomes this loop, and it becomes a process of regularly observing and orienting and it becomes a way of life for companies to do that. And you teach them how to live like that. So let’s switch gears a little bit. I want to ask you before we wrap up about cybersecurity and the threats. So when we’re talking about managing that risk. So for a business, let’s say small to medium sized business, maybe, you know, five to $50 million in revenue, what is the biggest cyber risk? And what is your vision of where the world is going? So how are these cyber risks, are these going to escalate? And what is the worst case scenario where this could escalate to a point where private businesses could really be permanently disrupted.
I mean, I think we’re seeing it right now where the disruption is pretty significant, you know, just based on some of the attacks that we’re seeing. If you talk about five to 50 million, you know, I’ll make an assumption in my response that they’re a business that doesn’t have something that we would consider to be high-value intellectual property. You know, they don’t have a new cure for cancer, et cetera, because the threat that the environment that they face is different if you have really valuable intellectual property.
So if you’re just a business operating in that five to 50 million range and you don’t have high value IP, the most likely threats that you’re gonna face come in kind of two categories. One is the opportunistic, where, you know, just by nature of the fact that you’re operating on the internet and that you have email, that there are attackers that are targeting you, not because they know what your business does or that they want to disrupt it, but because you provide an opportunity.
You provide an email that an employee clicks on, on a system that hasn’t been patched that allows for them to install ransomware in your environment, and now you’ve got to pay a ransom, right? So they’re economically motivated, and it is, you’re really just a casualty of the modern business world. You know, you’re operating on the networks, you’re engaging over email. The real differentiator there though, is in two areas. One is that you’re maintaining appropriate level of patching on the systems that you’re operating. That is critical in a lot of these attacks. And then the second is understanding about resilience and recovery, right?
The ransomware is a nuisance for organizations that have a robust backup and recovery plan where they can reconstitute their systems and say, okay, you know, you’ve got us, we’re not paying the ransom, we’re wiping all the systems, reloading from backups, pain in the ass, but at the end of the day, it’s not highly disruptive. If you don’t have the good resiliency, a backup and restore capability, now you’re faced with significant disruption to your business operations that you have to deal with or paying the ransom, which has economic consequences.
So that’s one, where it is the ransomware and the opportunistic targeting that’s taking place every day. The other area from a small business perspective that I would advise around is what we call business process exploitation, where they establish some sort of foothold, they compromise somebody’s email account, or they spoof somebody’s email account, and they start to social engineer the decision-making process, particularly around the transfer of funds. We see this take place in multiple spaces.
It could be that they say that the company is making a new investment in an emerging market and the CEO wants $5 million transferred to this company overseas, and here’s the bank account, and the money gets moved. Other times we see where they call and they say, okay, I know you have a great relationship with this network security, or we’ll call it kind of a network appliance vendor. So we’re that vendor and we just moved banks and here’s our new accounts payable information. Can you put this in your AP system?
And then the next time that that vendor generates a real invoice, it gets paid to the wrong bank account. So we’ll see where these attacks take place, where they’re really targeting the people in the processes in order to steal money. And these are successfully happening every day and targeting all different types of companies from Fortune 10 to Fortune 500,000. The business process exploitation is something that is a real threat for some of these organizations because it involves real financial theft. You know, there’s real money that is moving out of bank accounts.
Okay, that’s well, scary and fascinating at the same time. I’ve never heard of this business process exploitation, but it makes a lot of sense that people would try to do that. Obviously, the ransomware is all over the news. So, so I’m aware of it and I’m sure everyone is aware of it or listening to this podcast. Hopefully, if not, they already are because they listen to it. So fascinating topics.
So this whole loop idea that you observe orient, and you make the right decisions and you make it a way of life to manage your risk and to explore your opportunities and move forward, move your companies forward. So if you are listening to this and would like to learn more about, if someone is listening and would like to learn more about what you do, perhaps interested in your services or would like to connect with you, where should they go? How can they find out more?
Yeah, the easiest thing is to just go to ooda.com. So just ooda.com is where our consultancy is. But then we do operate, as you mentioned in the intro, a site called oodaloop.com, so oodaloop.com, where we run a service that is all around providing this information, what we would call the observations and some of the orientations, right, deciphering what it means to the world for the executives. So it is an information source that they can utilize that is a subscription and membership driven.
Subscribers get access to the content, members get access to the community, where once a month we bring all these decision makers to share their experiences and talk through global issues that are impacting them, whether it be cybersecurity or geopolitics, or even the events we talked about Afghanistan last Friday on the call. So there’s a membership component where we’re trying to build a community of practice, a community of interest, and allow them to derive value from networking with each other as well.
Okay, that’s very cool. And Matthew Devost, you also have a LinkedIn page, so people can find you there. So thanks for coming on the show. And for our listeners, if you enjoyed the show, please rate and review us on Apple Podcasts, subscribe on YouTube, and stay tuned because next week, we’ll have another fascinating entrepreneur come and talk to us on the show. Thanks, Matt, for joining us.
Thank you for having me. I enjoyed the conversation.
Important Links:
- Pinnacle: Five Principles that Take Your Business to the Top of the Mountain
- Stevepreda.com
- Matthew’s LinkedIn
- Matthew’s Website: OODA.com
- The OODA Loop website
- Steve Preda’s Book: Buyable
- Complete the Buyability Assessment for Your Business