Wednesday, April 15, 2009

Summary Of Findings: Red Teaming (2 Stars Out Of 5)

Note: This post represents the synthesis of the thoughts, procedures and experiences of others as represented in the 12 articles read in advance of (see previous posts) and the discussion among the students and instructor during the Advanced Analytic Techniques class at Mercyhurst College on 15 APR 2009 regarding Red Teaming specifically. This technique was evaluated based on its overall validity, simplicity, flexibility and its ability to effectively use unstructured data.

Description:
Red Teaming is an analytical modifier that can be used in two distinct ways:

First, in an objective sense, it is used to challenge emerging operational concepts in order to discover weaknesses with an organization's procedures and reactions.
Second, in a subjective sense, red teaming is used to generate options for adversaries that may be overlooked due to biases or heuristics.
When red teaming is used in the first manner, the effectiveness of red teaming is usually easier to monitor and evaluate. When using the second approach, it is more difficult to measure the effectiveness of red teaming, as the effectiveness is subject to forces outside of the method itself.

Strengths:
*Forces "thinking outside the box"
*Challenges "groupthink"; may reduce bias
*Can provide invaluable near-real world training (as close to real world as possible)
*Can identify previously unknown threats and gaps in security
*Can provide a diverse outlook on a problem
*Can identify new uses for innovations

Weaknesses:
*No textbook way to conduct red teaming
*Can verge on science fiction
*Red Team can be marginalized
*Results can be ignored by SME if non-SME conduct the exercise
*Red Team may pursue path of least resistance and not take the excercise seriously
*Participants must fully understand culture of the Red Team they are playing to make the most of the excercise
*Requires leadership committed to making changes based on the recommendations of the Red Team
*Memebers of the Red Team may be of a poor quality and thus negate the usefullness of the exercise
*May be used to politicize intelligence ( see The Power of Nightmares)
*No particular guidance on how many team members are needed to function optimally
*Does not always allow creativity
*Excercise can be stifled by rules and parameters set up to "prove a point"
*Can be subject to "groupthink" within the Red Team

How To:
**A hodgpodge of instructions exist on how to conduct red teaming exercises. The "How To" is largely dependent upon the type or form of red teaming being executed.

1)Populate team (can be composed of subject experts or outside consultants chosen for other unique skills/qualities)
2)Receive tasking or objective from management
3)Assume the role assigned with particular consideration of the limitations imposed on the team (cultural, technological, equipment, etc.)
4)Provide the red team with the necessary independance and credibility to challenge existing norms and ideas and suggest "outside the box" ideas.
5) Execute tasking or exercise.
6)Disseminate and if necessary advocate the key findings to the person excercising control over both the red and blue teams.

Experience:
In order to gain a better understanding of the process of red teaming, the group played a conflict simulation game, "Strike Force One". The game is a simple computer-based simluation used to recreate a combat situation in a key area of West Germany during the Cold War. One player, in this case the computer (AI), advances as the Soviet Army, and the human user takes the role of US Army forces defending key towns on the grid. Movement takes place on a board of "hexes" and the result of the combat is determined by simulated die rolls, as any common combat board game. The group "red teamed" the anticipated movements of the enemy forces, but was ultimately defeated by the Soviets.
Here are some of our experiences:
*Team members dissented over the most likely movements of advesaries - illustrating the multitude of options available for these adversaries.
*Relatively easy to anticipate the adversary's general movements, but more difficult to anticipate which specific move he would choose; but combat results are not entirely predictable.
*Team still had the US Army's interests in mind; not able to fully think like the adversary.

No comments:

Post a Comment