It’s almost here! Join us this Thursday us for our first two-hour online mini-course, “Framing the Red Team Engagement.”

Training Update

We’ve updated our training event schedule. Unfortunately, the webinar on strategic red teaming and scenario planning is full. As you’ll see, we’ve added a two-day Becoming Odysseus session in Maryland in August (registration details soon) as well as a second two-hour online mini-course. If the interest exists, we might offer another session of the scenario planning webinar before the end of August. Just let us know if you’re interested. Finally, note that the first two-hour online course is this Thursday. There’s still time to register!

In Memory of Dennis Hess Mateski (1942–2013)

Please forgive me for a rare personal post. When I was four or five, I remember asking my Dad to draw me a picture of a P-51. When I woke up the next morning, he had already left for work, but the P-51 was there on the table, finished and lightly colored. The world has certainly changed a lot since then, but I thought I’d try my hand at drawing a P-51 myself, this time on the computer. This P-51 is for you, Dad.

RTJ Mustang 02

Course: Framing the Red Team Engagement (Open)

Sometimes a bit of time spent up front can pay off handsomely later. It’s the old adage “A stitch in time saves nine,” and we believe it applies to red teaming. In our first two-hour course, “Framing the Red Team Engagement,” we introduce our high-level red teaming process model and address the challenge of incorporating your stakeholders’ problems, goals, and metrics in your design. Doing this before you set your red team loose can not only help aim your team in the right direction, it can also help you preserve analytic consistency and transparency throughout the engagement. In addition to discussing red teaming process, we add frames of reference, stakeholder modeling, and objectives trees to your red teaming toolkit. The course is designed for both beginning and experienced red teamers from all domains. To register, go to our WebEx Training Center page and find the course listed on 4 June. This first offering is limited to students in the United States and Canada. The cost per individual is $149.

Course Slide

Webinar: Strategic Red Teaming/ Scenario Planning (Closed)

Regular Red Team Journal readers are probably familiar with our consistent call for better strategic red teaming, and we figure it’s time for us to do something about it. We’ve scheduled a collaborative scenario planning webinar for June 30. We’ll introduce the basic concepts of scenario planning and then jump right into an exercise focused on the broad context of national security. We’re considering running several webinars on different topics and sharing the results on RTJ. (Sorry, but registration is now closed.)

Security Risk Infographic

We drafted this last year and then promptly forgot about it! It’s an infographic that introduces some risk concepts we believe red teamers should understand, and we think it nicely complements our earlier post on risk and red teaming. Click the image below to view the whole infographic.

RTJ Risk Infographic 600 Fade

Red Teaming Myth #4

It’s time for myth #4, and here it is: Red teaming is exclusively a security practice. Yes, red teaming flourishes in the security domain, but we sometimes forget that it’s a general-purpose tool. For example, an undergraduate economics major recently told us that when studying cases of business failure he saw assorted opportunities for red teaming. We couldn’t agree more.1 Red teaming is a practice that applies broadly to all decision making. Pick your domain, and you can apply red teaming to it. Whether you’re facing an adversary, a competitor, or just a decent dose of uncertainty, it almost always pays to employ a degree of devil’s advocacy, if not a more structured form of red teaming. In fact, we recommend adopting a red teamer’s point of view whenever you face a consequential decision.

  1. Carroll and Mui agree as well. Check out the last two chapters of their book Billion Dollar Lessons. []

The Red Teamer’s Go-To Move #4: Understand and Exploit Metrics

A metric is “A system or standard of measurement,”1 and we generally combine a target and a metric to define success or failure. In this way, metrics quantify our goals. For example, we might define success as sales of more than $1 million (the target) dollars (the metric), or we might define failure as damage to at least 10 (the target) systems (the metric). When red teaming, it is essential to understand both the defender’s and the attacker’s metrics. Read on …

  1., definition noun/technical. []

Updated Resources and Navigation

As part of our ongoing Spring-cleaning effort, we’ve revised our Resources page to feature …

  • A new Red Teaming Links page (essentially the old Resources page with new and refreshed links),
  • The RTJ Quotes page,
  • The “See It Like Jones Would” essay series,
  • The Two-Minute Interviews,
  • The Myths of Red Teaming, and
  • The Red Teamer’s Go-To Moves.

You’ll now find the classes of items that warrant their own pages (links, quotes, and the Jones essays) as submenu items under “Resources” tab on the top menu bar. We’ll add pages and menu items for the rest of the series as they grow and require their own pages. Contact us if you know of something of interest to the red teaming community you think we should add to the Red Teaming Links page.