Close Menu
World Forbes – Business, Tech, AI & Global Insights
  • Home
  • AI
  • Billionaires
  • Business
  • Cybersecurity
  • Education
    • Innovation
  • Money
  • Small Business
  • Sports
  • Trump
What's Hot

What to Stream: Reneé Rapp, Anthony Mackie and Jason Momoa

July 28, 2025

Trump calls for DC to restore old NFL name as experts say Native mascots cause harm

July 27, 2025

What to know about the dating app Tea and its hacked data

July 26, 2025
Facebook X (Twitter) Instagram
Trending
  • What to Stream: Reneé Rapp, Anthony Mackie and Jason Momoa
  • Trump calls for DC to restore old NFL name as experts say Native mascots cause harm
  • What to know about the dating app Tea and its hacked data
  • If you don’t have diabetes, do you really need a continuous glucose monitor?
  • Blue Ivy shines on stage during Beyoncé’s Cowboy Carter tour
  • Judge pauses cancellation of humanities grants
  • African Americans move to Kenya to connect with heritage and culture
  • ‘South Park’ Creators Trey Parker and Matt Stone Are Now Billionaires
World Forbes – Business, Tech, AI & Global InsightsWorld Forbes – Business, Tech, AI & Global Insights
Monday, July 28
  • Home
  • AI
  • Billionaires
  • Business
  • Cybersecurity
  • Education
    • Innovation
  • Money
  • Small Business
  • Sports
  • Trump
World Forbes – Business, Tech, AI & Global Insights
Home » How do You Know if You’re Ready for a Red Team Partnership?
Cybersecurity

How do You Know if You’re Ready for a Red Team Partnership?

adminBy adminApril 29, 2025No Comments7 Mins Read
Facebook Twitter Pinterest LinkedIn Tumblr WhatsApp Telegram Email
Share
Facebook Twitter LinkedIn Pinterest Email
Post Views: 138


As cyber threats continue to evolve, more organizations are turning to Red Teaming to pressure-test their defenses in realistic, adversary-simulated scenarios.  But red teaming is not for everyone or for every organization. Before engaging in a full-scope exercise, it’s important to assess whether your program, people and processes are truly ready. In a previous column, we outlined the process and path an organization should take to build and advance a mature offensive security program.  That column looked at internal organizational dynamics, processes and established activities, and the indicators that would demonstrate readiness to evaluate a move to the next program level.  The final stage of advancement is full adversarial emulation,  Which includes approaches such as Red and Purple Teaming.  This article picks up the last left off to examine how you optimally engage a Red Team when you’re ready to take your organizational situation to the next level. 

Red teaming is a discipline focused on testing assumptions, processes, and human decision-making across the organization, often through the lens of realistic adversarial behavior. A Red Team engagement requires a significant commitment of time, money and resources. As much as the technical aspects are important, the partnership you establish with your Red Team provider is equally important. Like any relationship, openness, transparency, and honesty are critical to making sure that you’re ready to get serious and establish long-term success. Without proper strategic alignment and planning, Red Team engagements can erode trust and fail to produce adequate value.

Signs Your Org is Red Team Ready

To start, it bears revisiting the previous column’s message that to find true, actionable success with a Red Team engagement, you need to have established a grown-up security culture and have a mature organizational outlook.  

You first need to demonstrate accountability, responsibility and commitment.  From the last discussion this is represented by:

A strong culture that prioritizes and enforces security and risk-management

An established, programmatic approach to identifying and addressing flaws in assets and infrastructure, and be at the ready to respond should a flaw be exploited

A discipline that drives ongoing communication and improvement

The final step, is to assess your organization’s “emotional intelligence.”  Checking procedural boxes is one thing, but what have you learned about yourself, and how can you apply it to this next endeavor? Advancement often takes more steps and/or time as you get to higher levels. This is most certainly true in being able to optimize a Red Team engagement. You should have a history from which you can draw on experiences and learnings, in this case on multiple testing and assessments over a number of years.  This history, and the resulting successes and failures, are what will inform your ability to know and ask the right questions of your new partner, questions most pertinent to your organization.

Start with common goals

While every partnership encounters differences in opinions, preferences, etc., the strongest ones are formed by being up front about, and in agreement on, the goals you want to achieve together.

This first step is critical to understand, because while the goal of the exercise will be singular, the objectives and activities that will lead to that goal will likely be numerous and potentially widely varied. The two areas of focus in goal setting are the overall result you’re seeking at the end of the engagement, and the preferred scenarios that get you there.

Advertisement. Scroll to continue reading.

Overall engagement goals can be that you’d like to test the efficacy of your enterprise defenses overall and their ability to withstand all manner of onslaught. The goal could also be to gain a “ground truth” about your business resiliency, or the integrity of your technology.

The next step is what you want to learn about the integrity or vulnerability of those goals. Here you’ll work with your partner to identify the attack objectives, or the scenarios that will play out in pursuit of the goal.  Are you concerned about a specific threat actor or type of attack? Is your primary concern a singular or group of trophy assets?  Or even, are you worried most about internal systems, or external systems?

While this is the foundation of your Red Team engagement and it is beneficial to be as clear and focused as possible in choosing these goals and objectives, it’s also important not to paint yourself into a corner. Malicious attackers are flexible and adaptable, so in pursuing your stated goals, organizations must be flexible and ready to adapt objectives as new findings emerge during the engagement.

Shared paths and experiences

Compromise and common ground are critical to maintain a healthy and productive engagement.  For this, a carefully crafted and detailed Red Team scope and rules of engagement are critical to keep things on track and literally keep-the-peace.  While this is not a process attackers undertake, this could not be more important in this process to ensure you, and your testing partner “do no harm.”

Red teaming challenges assumptions, Additionally, as it also comprises testing the vulnerability of not just technical systems, but also people and process, a carefully crafted scope ensures focus on the areas importance to an organization and an effective engagement experience, while minimizing the chances of unintended collateral damage.  For example, misaligned testing rules can cause real and impactful business disruption.  Overly aggressive or insensitive Social Engineering tests can damage morale and trust in leadership.  As such, a comprehensive scope should include:

Timeframes – what are the windows of testing (i.e. inside or outside of business hours) and the duration of the overall engagement?

Milestones – How long should tests continue before determining sufficient evidence, and what are the thresholds for advancement through key stages?

Attack surface – Will the test involve social engineering, physical intrusions and/or technical incursions? Will certain people, areas or assets be excluded?  Is it an end-to-end attack or an “assumed breach” model where initial compromise is ceded

De-Escalation – If testing prompts an organizational reaction/response, what are the triggers for detection and deconflicton?

Communication – How often and by what channels will testers communicate with the primary stakeholders?

Pick the right Partner

Lastly, some threats to a relationship are not fiery conflicts, but the more subtle risks of complacency, secrecy or overcompensation. To avoid this, realize this is a team effort and you need that full team behind you to accurately assess the strength of what you have.  However, you need to carefully determine which team members should be involved, and what role they will play in scoping and/or responding.

First is about who is read-into the engagement and who is NOT being read into it.  For example, certain levels of management may be kept in the dark to truly test the adherence to, and performance of, processes for escalation.  You may also keep technical leadership out of the loop to assess responsiveness to a truly blind event.  

The second is to define the roles of secondary team members. Will they be bystanders or active participants in the game in terms of updates, decision making/deconfliction.  In this way, you can focus on the performance of key stakeholders, or conversely, the depth of your “bench” that may have to compensate for departures.

Finally, you need to make sure that you don’t have too many voices and perspectives in the room that could distract from focus and undermine the efficacy of the test. Be selective about who is involved in real-time communications throughout the engagement to avoid noise and distraction.



Source link

Share. Facebook Twitter Pinterest LinkedIn Tumblr Email
admin
  • Website

Related Posts

O2 Service Vulnerability Exposed User Location

May 20, 2025

Madhu Gottumukkala Officially Announced as CISA Deputy Director

May 20, 2025

BreachRx Lands $15 Million as Investors Bet on Breach-Workflow Software

May 19, 2025

Printer Company Procolored Served Infected Software for Months

May 19, 2025

UK Legal Aid Agency Finds Data Breach Following Cyberattack

May 19, 2025

480,000 Catholic Health Patients Impacted by Serviceaide Data Leak

May 19, 2025
Add A Comment
Leave A Reply Cancel Reply

Don't Miss
Billionaires

‘South Park’ Creators Trey Parker and Matt Stone Are Now Billionaires

July 25, 2025

After signing a new $1.5 billion deal with Paramount, Trey Parker and Matt Stone are…

How Jeffrey Epstein Got So Rich

July 25, 2025

Vanta Raises Funds At $4 Billion Valuation—Despite Not Needing Cash

July 23, 2025

Former Citigroup Chair Sandy Weill’s New $100 Million Gift To Harness AI For A West Coast Cancer Hub

July 23, 2025
Our Picks

What to Stream: Reneé Rapp, Anthony Mackie and Jason Momoa

July 28, 2025

Trump calls for DC to restore old NFL name as experts say Native mascots cause harm

July 27, 2025

What to know about the dating app Tea and its hacked data

July 26, 2025

If you don’t have diabetes, do you really need a continuous glucose monitor?

July 26, 2025

Subscribe to Updates

Subscribe to our newsletter and never miss our latest news

Subscribe my Newsletter for New Posts & tips Let's stay updated!

About Us
About Us

Welcome to World-Forbes.com
At World-Forbes.com, we bring you the latest insights, trends, and analysis across various industries, empowering our readers with valuable knowledge. Our platform is dedicated to covering a wide range of topics, including sports, small business, business, technology, AI, cybersecurity, and lifestyle.

Our Picks

After Klarna, Zoom’s CEO also uses an AI avatar on quarterly call

May 23, 2025

Anthropic CEO claims AI models hallucinate less than humans

May 22, 2025

Anthropic’s latest flagship AI sure seems to love using the ‘cyclone’ emoji

May 22, 2025

Subscribe to Updates

Subscribe to our newsletter and never miss our latest news

Subscribe my Newsletter for New Posts & tips Let's stay updated!

Facebook X (Twitter) Instagram Pinterest
  • Home
  • About Us
  • Advertise With Us
  • Contact Us
  • DMCA Policy
  • Privacy Policy
  • Terms & Conditions
© 2025 world-forbes. Designed by world-forbes.

Type above and press Enter to search. Press Esc to cancel.