Muddying the waters today is the growing gap between cybersecurity red teamers and red teamers of other kinds.1 I’ve done my best to define the differences (here, here, and here, for example), but it wasn’t until this week that I finally realized explicitly that the confusion isn’t just about types of red teaming, it’s also about red teaming roles.
Cybersecurity red teamers tend to focus on one type (Gegenspiel) and one role (technical), and since they’re presently securing the bulk of red teaming dollars (and euros, pounds, yen, and rubles), they’re dominating the conversation dollar-by-dollar. I think that’s a mistake, however—a mistake that limits not just other types and roles, but one that limits cybersecurity red teaming as well.
Read the full post at the Reciprocal Strategies blog.
- Yes, I appreciate the longstanding resistance to the term “cyber,” and I get it; I also bow to the overwhelming currency of the term. [↩]