What are Red Teams and Red Teaming?
The purpose of red teaming is to reduce an enterprise's risks and increase its opportunities. Red teaming can be used at multiple levels:
- Strategic level to challenge assumptions and visions
- Operational level to challenge force posture, a commander's war plan
- Tactical level to challenge military units in training or programs in development
Red teaming provides enterprises with:
- Deeper understanding of potential adversary options and behaviors
- Hedge against the social comfort of "the accepted assumption or accepted solution."
- Hedge against inexperience
Areas within DoD where red teams can play an important role:
- Concept development and experimentation
- Security of complex networks and systems
- Activities where there are not many opportunities to try things out (nuclear weapons stockpile issue)
The Task Force identifies three types of red teams:
- Surrogate adversaries or competitors of the enterprise: The purpose of this red team is to sharpen the enterprise's skills and expose vulnerabilities that adversaries might exploit.
- Devil's Advocates: This red team provides critical analysis in order to anticipate problems and avoid surprises.
- Sources of judgment independent of the enterprise's "normal" processes: The objective is often to be a sounding board for the sponsor.
What Makes an Effective Red Team?
Typical causes of red team failure include the following.
The red team:
- Does not take its assignment seriously
- Could lose its independence and be captured by bureaucracy
- Could be too removed from the decision-making process and become marginalized
- Could have inadequate interaction with blue (the program it is challenging)
- Could lose the confidence of the decision maker by leaking its findings to outsiders
- Does not capture the culture of the adversary
Attributes of Effective Red Teaming
- The culture of the enterprise: Red teaming can thrive in an environment that not only tolerates, but values internal criticism and challenges.
- Top Cover: A red team needs a scope, charter and a relationship that fit the management structure.
- Robust interaction between the red and blue teams: It is not a win or lose game. The objective is to establish a win-win environment in which blue learns from the processes and comes out with sharper skills.
- Usually careful selection of staff: Many very talented individuals are not suited, temperamentally or motivationally, to be effective red team members.
Observations About Current Red Team Activities
US Navy's SSBN Security Program: It was established in the early 1970s to identify the potential vulnerabilities that the Soviet Union might exploit to put US SSBNs at risk. The program's focus shifted in the mid-1980s to evaluating and assessing findings from the intelligence community. Recent work has involved terrorist threats and security in ports.
Over decades the program's principles have remained unchanged:
- Strong and widely acknowledged national purpose
- Stable funding
- Highly competent people
- Access to the details of the target program
- Independence to criticize
- Direct accountability to a senior official
- A strong but not subordinate relationship to the intelligence community
Missile Defense Agency Red Teaming Experience: For almost two decades the purpose of this program has been to identify, characterize, and mitigate the risk associated with the development and deployment of the missile defense system.
Air Force Red Team Program: It provides assessments of concepts and technology.
- Provides a disciplined approach to guide decision making in technology development
- Allows warning regarding vulnerability of fielded capabilities
- Gives insight into defining what sensitive information to protect
The US Army Red Franchise Organization: Established in 1999, it is responsible for defining the operational environment for the next two decades. The operational environment is the intellectual foundation for transforming the Army from a threat-based force to the capabilities-based objective force.
USJFCOM Red Teams: This program has been using red teams for joint concept development and experimentation.
OSD's Defense Adaptive Red Team (DART) Activity: Established in 2001, its mission is to support the development of new joint operational concepts by providing red teaming for JFCOM, the combatant commands, Advanced Concept Technology Demonstration (ACTD), and the Joint Staff.
Red Teams at the Strategic Level
Red teaming at the strategic level occurs when the entire enterprise is challenged. The role of the red team in such a situation is to:
- Clarify the degree of urgency of the threat
- Create alternatives backed by data, feasibility, likely outcome, difficulty of implementation, resources required, likely resistance, and communication needs
- Gather opposing views
- Lead discussion toward choice of an acceptable solution
- Plan implementation
Red teaming has been a valuable and underutilized tool for the Department of Defense. The Defense Science Board Task Force recommends that the red team role be expanded. There are two main reasons:
- To deepen understanding of the adversaries the US now faces in the war on terrorism, and in particular their capabilities and potential responses to US initiatives. Red teaming helps to identify the range of options available to potential adversaries.
- To urge against complacency. The US military is attempting to transform itself. It is necessary to continue transforming our armed forces to deal with committed and adaptive adversaries.