Catch the recent “Politics, Power, and Preventative Action” podcast interview with RTJ founder Mark Mateski.

Go Forth and Red Team

If there’s one lesson we’ve learned in the years we’ve been running Red Team Journal, it’s that human beings are fundamentally overconfident. They’re also fundamentally shortsighted, and the two flaws combine in dangerous ways.
      Consider the types of systems we build. We almost always push the limits of technology. Rarely do we pause and ask whether the latest supertech gizmo is worth the cost or the risk. Why? We’re overconfident (we think we can manage any problems that emerge), and we’re shortsighted (we want the very latest and will worry about the risks later). It’s the madness of our age, and our adversaries have learned to exploit it. (The figure below expresses the basic problem.)
      How do we recover? We red team early in the system lifecycle and increase the priority of resilience during the concept and requirements phases. It’s that simple. We can launch graybeard panels, run costly studies, and write long-winded reports, but there’s really no need. I’ve just provided the answer–for free. Now go forth and red team.