An international security expert shows how competitive organizations can get—and stay—ahead by thinking like their adversaries
An international security expert shows how competitive organizations can get—and stay—ahead by thinking like their adversaries
Red Teaming is a revolutionary new way to make critical and contrarian thinking part of the planning process of any organization, allowing companies to stress-test their strategies, flush out hidden threats and missed opportunities and avoid being sandbagged by competitors. Today, most — if not all — established corporations live with the gnawing fear that there is another Uber out there just waiting to disrupt their industry. Red Teaming is the cure for this anxiety. The term was coined by the U.S. Army, which has developed the most comprehensive and effective approach to Red Teaming in the world today in response to the debacles of its recent wars in Iraq and Afghanistan. However, the roots of Red Teaming run very deep: to the Roman Catholic Church’s “Office of the Devil’s Advocate,” to the Kriegsspiel of the Prussian General Staff and to the secretive AMAN organization, Israel’s Directorate of Military Intelligence. In this book, author Bryce Hoffman shows business how to use the same techniques to better plan for the uncertainties of today’s rapidly changing economy. Red Teaming is both a set of analytical tools and a mindset. It is designed to overcome the mental blind spots and cognitive biases that all of us fall victim to when we try to address complex problems. The same heuristics that allow us to successfully navigate life and business also cause us to miss or ignore important information. It is a simple and provable fact that we do not know what we do not know. The good news is that, through Red Teaming, we can find out. In this book, Hoffman shows how the most innovative and disruptive companies, such as Google and Toyota, already employ some of these techniques organically. He also shows how many high-profile business failures, including those that sparked the Great Recession, could easily have been averted by using these approaches. Most importantly, he teaches leaders how to make Red Teaming part of their own planning process, laying the foundation for a movement that will change the way America does business.
Red Teaming is can be described as a type of wargaming.In private business, penetration testers audit and test organization security, often in a secretive setting. The entire point of the Red Team is to see how weak or otherwise the organization’s security posture is. This course is particularly suited to CISO’s and CTO’s that need to learn how to build a successful Red Team, as well as budding cyber security professionals who would like to learn more about the world of information security. Teaches readers how to dentify systemic security issues based on the analysis of vulnerability and configuration data Demonstrates the key differences between Red Teaming and Penetration Testing Shows how to build a Red Team and how to identify different operational threat environments.
“Think like our enemy! is a directive straight from Sun Tzu’s The Art of War. It is this idea, predating computing by millennia, that is at the core of Red Team Testing. The methodology behind red teaming takes the shackles off of security consultants and pen testers, allowing them to truly test a company’s physical, electronic, and computer security. Chris Nickerson details how red team testing provides real world results that can evaluate and drive out business risk in this new age of threats. Security professionals will learn techniques and technologies used by advanced hackers, including how to conduct social. engineering, lock picking, phishing, application, wireless and several more dangerous blended threats. Anyone involved in testing and auditing a company’s security must know how where their security is and how to optimize it for today’s threats. This book and methodology does just that. Teaches you how to think like a hacker, so that you see security strengths and weaknesses as they truly are Identifies business trick using hacker techniques and tactics like social engineering and blend attacks Provides a methodology for red team testing, including intelligence gathering, planning the attack, and post-compromise reporting
Written to bridge the information needs of management and computational scientists, this book presents the first comprehensive treatment of Computational Red Teaming (CRT). The author describes an analytics environment that blends human reasoning and computational modeling to design risk-aware and evidence-based smart decision making systems. He presents the Shadow CRT Machine, which shadows the operations of an actual system to think with decision makers, challenge threats, and design remedies. This is the first book to generalize red teaming (RT) outside the military and security domains and it offers coverage of RT principles, practical and ethical guidelines. The author utilizes Gilbert’s principles for introducing a science. Simplicity: where the book follows a special style to make it accessible to a wide range of readers. Coherence: where only necessary elements from experimentation, optimization, simulation, data mining, big data, cognitive information processing, and system thinking are blended together systematically to present CRT as the science of Risk Analytics and Challenge Analytics. Utility: where the author draws on a wide range of examples, ranging from job interviews to Cyber operations, before presenting three case studies from air traffic control technologies, human behavior, and complex socio-technical systems involving real-time mining and integration of human brain data in the decision making environment.
In 1999 and 2000, the JAWP conducted with and for the U.S. Joint Forces Command its first joint experiment, J990l: Attack Operations Against Critical Mobile Targets. The experiment's primary focus was on exploring new joint concepts to detect and attack critical mobile targets, specifically theater ballistic missiles (TBMs) circa 2015. To expose these concepts to an adaptive enemy, a Red Team was employed to develop and execute various aspects of a future TBM force, including counters to Blue Force attack operations. The Red Team experience in J9901 also contributed to the process of learning how to design and conduct future joint experiments. This paper makes the case that Red Teams are needed throughout concept development and experimentation, and further, that red team activities should be embedded in a disciplined process of Red-Blue interaction. At one level, red teaming could challenge our strategic context and visions of future military capabilities by inventing and exploring counter-strategies and challenging scenarios. At a second level, red teaming could focus on identifying counters to proposed new operational level concepts and capabilities; for example, the Rapid Decisive Operations concept designated by the Chairman of the Joint Chiefs of Staff as "the tool to operationalize Joint Vision 2020". A third level of red teaming activity could be in direct support of experimentation by serving as the opposing force in individual experiments. The author concludes with a discussion of the role of Red Teams in the overall transformation process that DoD is seeking to implement.
In 2007, Steve Ballmer, the CEO of Microsoft, declared: "There's no chance that the iPhone is going to get any significant market share." The year after, the CEO of Blockbuster told press that "Neither RedBox nor Netflix are even on the radar screen in terms of competition". Well, hindsight is always 20/20. But what if there was a way to make foresight just as sharp? Arguably, neither of these companies would have been blindsided if they had had red teams. The ingenious and counterintuitive practice of red teaming has its origins in the military, and involves creating a group of devil's advocates to think like the enemy, challenge existing assumptions within an organisation and find holes in its strategy. It's a powerful cure for groupthink, tunnel vision and failures of imagination - ailments that have transformed many once-great corporations into the walking dead of the business world. RED TEAMING is the first major book to look at the business applications of red teams. It will provide readers with a guide to the core techniques of red teaming as well as its history and fascinating real-world examples. It will teach businesses how to challenge the conventions of their industry like an innovative disruptor would, and spot threats while there is still time to respond to them - creating a culture in which challenges are not only tolerated, but valued.
Since the end of the Cold War, the United States has recognized the need to transform its military forces to meet future security challenges. Joint experimentation is the preferred means for exploring and testing innovative new concepts and capabilities. But without a thinking, adaptive adversary, there is a small chance of hitting the mark that transformation aims for. A strong and independent Red Team can examine both strengths and weaknesses of new concepts before next-generation capabilities are developed and fielded. This annotated briefing is based on experiences gained by a JAWP team while conducting Joint Experiment J9901, Attack Operations Against Critical Mobile Targets, on behalf of the USJFCOM. It first examines the spectrum of Red Teams and how different forms of red teaming contribute to the transformation process. Next, it considers the challenges that face effective red teaming and some desirable attributes a World Class Red Team might possess. The briefing then looks more closely at the issues surrounding the establishment of a Red Team and a range of alternatives for setting up a Red Team. Finally, it proposes a concept for establishing a prototype Red Team. The potential value of red teaming in the transformation process warrants the early establishment of a prototype Red Team that can engage in ongoing development of new concepts and the joint experiments to test those concepts. The remainder of the brief discusses a proposal for a pilot Red Team to support these and other aspects of the transformation process.
Red teaming is an advanced form of assessment that can be used to identify weaknesses in a variety of cyber systems. It is especially beneficial when the target system is still in development when designers can readily affect improvements. This paper discusses the red team analysis process and the author's experiences applying this process to five selected Information Technology Office (ITO) projects. Some detail of the overall methodology, summary results from the five projects, and lessons learned are contained within this paper.
The Red Team Field Manual (RTFM) is a no fluff, but thorough reference guide for serious Red Team members who routinely find themselves on a mission without Google or the time to scan through a man page. The RTFM contains the basic syntax for commonly used Linux and Windows command line tools, but it also encapsulates unique use cases for powerful tools such as Python and Windows PowerShell. The RTFM will repeatedly save you time looking up the hard to remember Windows nuances such as Windows wmic and dsquery command line tools, key registry values, scheduled tasks syntax, startup locations and Windows scripting. More importantly, it should teach you some new red team techniques.
The inside story of the eipc turnaround of Ford Motor Company under the leadership of CEO Alan Mulally. At the end of 2008, Ford Motor Company was just months away from running out of cash. With the auto industry careening toward ruin, Congress offered all three Detroit automakers a bailout. General Motors and Chrysler grabbed the taxpayer lifeline, but Ford decided to save itself. Under the leadership of charismatic CEO Alan Mulally, Ford had already put together a bold plan to unify its divided global operations, transform its lackluster product lineup, and overcome a dysfunctional culture of infighting, backstabbing, and excuses. It was an extraordinary risk, but it was the only way the Ford family—America’s last great industrial dynasty—could hold on to their company. Mulally and his team pulled off one of the greatest comebacks in business history. As the rest of Detroit collapsed, Ford went from the brink of bankruptcy to being the most profitable automaker in the world. American Icon is the compelling, behind-the-scenes account of that epic turnaround. In one of the great management narratives of our time, Hoffman puts the reader inside the boardroom as Mulally uses his celebrated Business Plan Review meetings to drive change and force Ford to deal with the painful realities of the American auto industry. Hoffman was granted unprecedented access to Ford’s top executives and top-secret company documents. He spent countless hours with Alan Mulally, Bill Ford, the Ford family, former executives, labor leaders, and company directors. In the bestselling tradition of Too Big to Fail and The Big Short, American Icon is narrative nonfiction at its vivid and colorful best.