Red teaming is useful for articulating the possible. That said, when something is possible it doesn’t mean it’s likely; it just means it can be done or it could happen. The following questions are among those that still need to be answered.
- Is it economical, and to whom?
- Is it feasible, and to whom?
- Is it preferable, and to whom?
- How likely is it to be undertaken, and by whom?
- How likely is it to succeed?
- What consequences are likely to ensue?
- How easy is it to counter?
- How expensive is it to counter?
- Will the possible responses lead to other advantages or disadvantages, and to whom?
Simply admitting it’s possible, then, is only the first step, but it’s a very important one. Read on …
For those of you who missed our presentation at BlackHat this year, let me introduce you to three terms I use to characterize deception:
- Eye-to-eye: A game in which both (all) players see the same game. No players assume that any other player sees anything different.
- Con: A game in which at least one player holds a perceptual advantage over the others.
- Hypercon: A game in which at least one player sees through the con and thus holds a perceptual advantage over the “conning” players.
Note that any of these perceptions can be wrong, which can make things very interesting. The potential for the con and hypercon (perceived and misperceived) always exists. Sophisticated strategists and red teamers look to guard against and exploit the possibilities inherent in this potential.