CSO Perspectives (Pro) 9.21.20
Ep 23 | 9.21.20

Red team, blue team operations around the Hash Table.

Show Notes

Red team, blue team operations are a cybersecurity first principle strategy.

What do Pope Sixtus V, President Ronald Reagan, The FAA, the Prussian Army, and Looney Tunes have in common? They all totally understood the value of red team/blue team operations. Rick teaches us how penetration testing supports zero trust and red team/blue team operations support intrusion kill chain prevention. He and The Hash Table explain how to identify employees with the right aptitude for this work, and how purple team operations benefit training, development, and expertise in your infosec program.

Two members of the CyberWire’s hash table of experts,

  • Tom Quinn: CISO - T. Rowe Price
  • Rick Doten: CISO - Carolina Complete Health

discuss red team blue team operations in the real world.

Cybersecurity professional development and continued education.

You will learn about: how to scope penetration tests and exercises, achieving buy-in from executives, Kovel arrangements

CyberWire is the world’s most trusted news source for cybersecurity information and situational awareness. Join the conversation with Rick Howard on LinkedIn and Twitter, and follow CyberWire on social media and join our community of security professionals: LinkedIn, Twitter, Youtube, Facebook, Instagram

Additional first principles resources for your cybersecurity program.

For more red team, blue team, and cybersecurity first principles resources, check the topic essay.

Selected Readings:

  1. 2020 Red and Blue Team Survey Reveals Positive Trends,” by Sam Humphries, Exabeam, last visited 13 September 2020. 
  2. 3 Situations That Call for a Red Team,” by Lisa Earle McLeod, Huffington Post, 23 November 2013.
  3. Cybersecurity Red Team Versus Blue Team — Main Differences Explained,” by Sara Jelen, SecurityTrails, 7 December 2018.
  4. Don't Give Up the Sheep (1953),” by IMDBtv.
  5. Guide to Red Team Operations,” by Raj Chandel, Hacking Articles, 5 August 2019.
  6. Helpful Red Team Operation Metrics,” by Cedric Owens, Medium, 2 March 2020.
  7. Red team,” by Military Wikia.org.
  8. Red Team Vs Blue Team Testing for Cybersecurity,” by Zbigniew Banach, Netsparker, 14 November 2019. 
  9. Red Team: How to Succeed By Thinking Like the Enemy,” by Micah Zenko, Basic Books, 3 November 2015.
  10. Red Team: How to Succeed By Thinking Like the Enemy,” by Micah Zenko, Council on Foreign Relations, 1 November 2015.
  11. The Difference Between Red, Blue, and Purple Teams,” By Daniel Miesller, 4 April 2020.
  12. The History of Penetration Testing,” by Ryan Fahey, Infosec.
  13. The importance of red teams,” by Peter Attia, Media, 24 May 2020.
  14. Where does red teaming break down?” by David Spark, Allan Alford, and Dan DeCloss, “Defense in Depth” podcast, 3 September 2020.