Elsevier

Network Security

Volume 2016, Issue 11, November 2016, Pages 5-7
Network Security

Feature
Restoring executive confidence: Red Team operations

https://doi.org/10.1016/S1353-4858(16)30103-9Get rights and content

There is no silver bullet for information security. Effective defence is built around understanding the threat. Technology alone is not the answer and the evolving nature of the cyberthreat landscape means that any business can be breached. Embracing this thinking and continuously challenging a business's ability to protect, detect and respond to breaches is essential to reduce the risk of reputational and financial damage.

Effective defence is built around understanding the threat. Technology alone is not the answer and the evolving nature of the cyberthreat landscape means that any business can be breached.

Embracing this thinking and continuously challenging a business's ability to protect itself from, detect and respond to breaches is essential to reduce the risk of reputational and financial damage. This is why many organisations are turning to ‘Red Teaming’ – real-world attack simulations designed to assess and significantly improve the effectiveness of an information security programme, explains Mike Fenton of Redscan.

Section snippets

Considering a Red Team engagement

The underlying factors driving a Red Team engagement are usually executive-level concern and risk assessment requirements. This is because preventative security methodologies have proven to be incapable of guaranteeing safety from every attack.

Sources of breach discovery and time to discovery. Source: Mandiant ‘M-Trends 2016’.

It is essential for the business to acknowledge that a breach has already occurred – or, if the reverse is true, that it is only a matter of time until one does happen.

The engagement proces

Once a business has committed to a Red Team engagement, it is essential to ensure that operational risk remains within the boundaries acceptable to the organisation. Therefore, key stakeholders should be involved in the planning and approval stages. These include:

  • Board members and executives – different parts of the business will be targeted, so senior approval is essential.

  • Risk management – providing audit and risk business units with oversight of activities which will keep the

Applying the lessons learned

On completion, a formal feedback process occurs. This should include all stakeholders and enables the organisation to act swiftly and meaningfully on any recommendations. The ultimate goal for the commissioning organisation is to receive a concise, prioritised action plan that addresses:

  • Key findings for the executive team.

  • Technical team requirements and future commitments.

  • Tangible results and full risk analysis.

  • Immediate and long-term strategic improvements.

Alongside the business

Inclusiveness for success

Now more than ever, IT departments and executives need to work together to ensure that appropriate measures are in place to protect customers’ and shareholders’ interests.

Red Teaming is only one available option: however it is extremely effective and available to companies of any size. A well-conceived engagement will highlight deficiencies in people, process and technology. This should not be considered as a failure, but an opportunity to enhance technical measures and risk control policies.

About the author

Mike Fenton is the CEO of Redscan and one of the organisation's founding partners. His primary responsibility at Redscan is the strategic direction and growth of the business. His previous ventures include AVT Technologies, an online FX trading platform used by the majority of the tier 1 banks and now owned by Thomson Reuters. He was also the founder and managing director of AVT Systems, where he oversaw the growth of the business through to the eventual acquisition by NICE

References (2)

  • ‘M-Trends 2016’

    Mandiant Consulting

    (2016)
  • Andrew Miller et al.

    ‘2015 Information Security Breaches Survey’

    Department for Business, Innovation and Skills

    (2015)

About the author

Mike Fenton is the CEO of Redscan and one of the organisation's founding partners. His primary responsibility at Redscan is the strategic direction and growth of the business. His previous ventures include AVT Technologies, an online FX trading platform used by the majority of the tier 1 banks and now owned by Thomson Reuters. He was also the founder and managing director of AVT Systems, where he oversaw the growth of the business through to the eventual acquisition by NICE Systems in 2008.

View full text
Copyright © 2016 Elsevier Ltd. All rights reserved.