Thursday, April 1, 2010

Red Teaming for Law Enforcement

According to Michael K. Meehan, Captain of Seattle Police Department, law enforcement needs to borrow useful training techniques from the military and Private industry as it improves its terrorism countermeasure. One of these techniques is known as Red Teaming. The Military uses red teams in war-gaming scenarios as the opposing force in a simulated conflict to reveal weaknesses. In the business world, red teaming refers to an independent peer review of abilities, vulnerabilities, and limitations.

Scope of Red Teaming

Red Teaming is an interactive process conducted during crisis action planning to assess planning decisions, assumptions, processes, and products from the perspective of friendly, enemy, and outside organizations. Red Teaming has also been described as the " capability-based analytical or physical manifestation of an adversary, which serves as an opposing force." Red Teams evaluate a target or tactic, but not the likelihood that a particular target will be attacked.

Analytical Red Teaming

Analytical red teams portray an adversary but are not involved in actual field play. Analytical red teaming adds value to discussion based exercises and can range from basic peer review to near-real-time force-on-force interaction, as in games or simulations. During analytical red teaming, participants analyze the attack plans and look for indicators and warnings, key decision points, and vulnerabilities in the plan.

Physical Red Teaming

Physical red teaming involve individuals portraying actual, realistic adversary moves and counter moves in an exercise.

Benefits of Red Teaming

Successful red teaming offers a hedge against surprise and inexperience and a guard against complacency. Effective red teaming can define and threshold of detection, suspicion, and action.

Impediments to Effective Red Teaming

Impediments to effective red teaming fall in to two categories:
Situational: selection and training of members, and exercise conditions.
Organizational: organizationally imposed constrains, distribution and reception of the lesson learned. Red team success requires an organizational culture that values constructive criticism.

Methodology for Using Red Teaming in Exercise

  • Determine the objective or desired result
  • Communicate with government or private partners
  • Determine the scale or type of exercise
  • Develop the scenario
  • Identify and train the appropriate participant
  • Conduct and evaluate the exercise
  • Prepare documentation
  • Evaluate the performance
  • Develop the improvement plan
  • Make required and desired improvements
  • Exercise again

Limitations to Red Teaming

There is not enough information to predict all possible means of attack. Typically, red team exercises are based on prior events and are less likely to anticipate new, unplanned or never before seen events. Red teaming plans and procedures need to be stressed and once stressed, must evolve and improve.

4 comments:

  1. After looking over this post, and the article itself, I'm surprised that law enforcement agencies do not already utilize Red Teaming. I would imagine from the perspective of a law enforcement agent, looking into organized crime, terrorist cells/groups, or anything that functions in a group manner would be really useful when trying to determine what the group's next move might be. It could also be useful when trying to get someone into the group for an undercover mission. I hope they look more into this in the future as it seems very useful.

    ReplyDelete
  2. I like the distinction between analytical red teaming and physical red teaming. I assume that some combination of the two techniques would yield the best results, but is there a direct correlation between type of red teaming and the setting in which it is used (ie law enforcement, corporate, national security)? Has any group/agency found one of these techniques to be more effective?

    ReplyDelete
  3. I think LE uses some form of Red Teams all of the time in training. the problem here is one of definition, I think.

    ReplyDelete
  4. Were you able to come across any other articles mentioning other law enforcement agencies using Red Teaming? Has the FBI published anything?

    ReplyDelete