While I’ve long said that red teaming is useful for more than just security, I believe security red teaming remains by far the dominant form. To test this hypothesis, I surveyed the first five pages of red teaming jobs on Indeed.com.1
What I learned informally confirmed my hypothesis. In the first chart, you’ll see that the only non-IT forms of red teaming that appeared were proposal management jobs and jobs that I binned in the “intelligence” category (one involved future technologies and the other described a general intelligence red teaming role). I separated the IT-security jobs—those with the red bars—into categories as best I could based on the job announcements, but the overall trend is clear: roughly 85% of the jobs listed relate directly to IT security.
I also surveyed which hiring organizations were from the government and government contracting sectors and which were from the commercial sector. As you can see, government-related jobs accounted for well over 2/3 of the jobs listed.
Finally, I noted that not one of the jobs involved non-IT security or non-government/government contracting responsibilities. While I’ll continue to advocate for the use of strategy and planning red teaming and devil’s advocacy in the commercial domain, it looks like it might still be some time before it’s practiced widely.2