Catch the recent “Politics, Power, and Preventative Action” podcast interview with RTJ founder Mark Mateski.

10 Principles of Good Red Teaming (2003)

Editor’s note: This is a companion piece to the previous post and was first published on Red Team Journal in June 2003.

A fine line often separates a dynamic red team from a prescripted and predictable red team. Note that the following principles apply not only to red teaming, but to wargames, exercises, and studies in general.

  1. Integrity: Integrity comes first; without it, any red teaming effort is a loss. This applies both to the red team itself and to the team’s sponsor: the team, for example, must be willing to be surprised, and the sponsor must give the team the freedom to be surprised. Integrity is closely aligned with intellectual courage.
  2. Foresight: A good red team anticipates the problems-after-next. It seeks to understand how the adversary might adapt and respond to BLUE actions. Critical here is the ability to view the interactions between RED and BLUE as part of a larger, interconnected system of issues and problems.
  3. Realism: A realistic red team understands how things work in the real world. Above all, this requires the right kind of people–people who understand the adversary’s culture, values, and history; people who have direct, first-hand experience in the problems of interest; and people who aren’t afraid to cut across the grain.
  4. Persistence: Good red teaming requires a persistent mandate. This encourages a long-range perspective, allows the red team to learn from its successes and mistakes, and promotes accountability. A one-off red team tends to provide one-off insights.
  5. Relevance; A good red team eschews ivory-tower pretension, addresses timely issues in a timely manner, yields practical insights, and does so in a way that connects these insights to real-world practitioners.
  6. Method: Good red teaming is more than simply brainstorming doomsday scenarios. Method enforces clear and consistent thinking, helps a team identify what it doesn’t know, and provides a reliable means of capturing and communicating insights.
  7. Self-awareness: A good red team red teams itself. It promotes internal humility, curiosity, and skepticism.
  8. Order: A good red team starts at the level of ideas and strategies and then proceeds to the details. The sooner a red team turns to issues of technology, tactics, and money, the sooner it forecloses alternative and potentially innovative strategies.
  9. Responsiveness: A good red team learns from both itself and the adversary. This requires explicit and responsive feedback loops. The value of responsiveness is relative to the responsiveness of the adversary.
  10. Discretion: “Don’t give good ideas to the bad guys.”