As I reflect on my career over the past 12+ years, starting as a traditional forensic analyst, then moving to incident response, intelligence fusion, strategic consulting, and so on, I can’t help but see similarities between my own journey and that of many cybersecurity organizations we support at Leidos Cyber. Prior to 2005, when cyberattacks against the government and defense contractor world were being waged, we didn’t have time to stop and ask ourselves what we were seeing or doing. Once we got our bearings and operations became more stable, we began to ask and answer questions as a CND community: What just happened? How can we fix it and secure ourselves? Why does this keep occurring?