Hacking Bureaucracy

Online Training date: October 26-27, 2021.


Bureaucracies didn’t start out as soul-crushing obstructions to innovation and agility, but you can’t escape them today. Whether you’re in government, industry, school, or an independent practitioner, you face relentless bureaucracies that impede progress, destroy morale, and frustrate security. Not taught in schools or other institutional learning facilities, this course plays to the puzzle-solving superpowers of the hacker mindset. Come learn how to achieve your personal and organizational goals effectively and legally, by hacking the system.


In theory, bureaucracy isn’t a bad thing. Really. Bureaucracy allows large organizations to scale and accomplish complex missions that would otherwise be impossible. In practice however, bureaucracies easily become their own worst enemy. Particularly vulnerable are the innovative people, new missions, and agile organizations essential for success in information security and cyber operations. You can’t escape the bureaucracy, but you can hack it.

If navigated appropriately, success is possible despite the bureaucracy, and sometimes even because of it. Hackers are adept at bending complex systems to their will, and bureaucracies are nothing if not complex systems. The techniques, tactics, and rules of the game are a bit different in the bureaucratic domain, but the hacker mindset is the same.

This course provides strategies for hacking bureaucracy that everyone can apply. To be clear, we are not suggesting anything illegal, but instead offering ways to accomplish legitimate objectives using legitimate means despite the mountains of TPS reports you may have to face.

We’ll cover:

  • Understanding bureaucracies as complex systems.
  • Knowing when to fight, when to route around, and when to socially engineer.
  • Reverse engineering the stated and actual power networks in organizations.
  • Operating from the outside-in, from the inside-out, and from within organizations.
  • Applying OSINT and HUMINT methodologies to gather intelligence.
  • Threat analysis and risk assessment.
  • Planning, wargaming, actions, and intended and unintended effects.
  • Working within legal and ethical constraints.
  • Case studies of real world examples.
  • Most importantly, hundreds of offensive and defensive bureaucracy hacking TTPs: for the individual, the leader, and the organization.

This interesting and fast-moving class will include hands-on exercises to apply and reinforce the skills learned. You’ll leave this course with a fresh perspective and a toolkit of techniques to better accomplish your mission.

The views expressed in course are those of the author(s) and do not reflect the official policy or position of their current or past employers, the Department of Defense, or the United States Government.

About the Speakers