Friday, September 28, 2018

The 'Best Practices' of Red Teaming
Dr. Brad Gladman
Summary and Critique by Jillian J

Summary
Dr. Gladman explores the importance of red teaming, organizations and methodology, the composition of the red team, and the process of red teaming. He presents a description of red teaming, acknowledging that the concept of a red team manifests itself in many forms-- "In general, red team efforts, both devil's advocate and 'opposing force,' can help hedge against surprise, particularly catastrophic surprise, through their challenge function that provides a wider and deeper understandings of potential adversary options and behaviors, and can expose potential vulnerabilities in friendly strategies, force postures, plans, programs, and concepts. Red team efforts can also help organizations to avoid biases and the tendency to accept the typical assumptions and solutions to problems" (Gladman 2007). The traditional opposing force role can uncover how human adversaries may threaten the system, but Gladman asserts that considering the impact of an event like and earthquake necessitates the other type of red team role--devil's advocate. Modeling this type of adversarial event is an important function of a red team. HE also distinguishes between opposing force red team and risk assessment wherein the former assumes the adversary and situation is unknown and in the latter the threat is already known. However, Gladman states that we cannot completely separate the two.

The Importance of Red Teaming
This section served as a history lesson in red teaming, citing its use back to the early nineteenth century with the rise of the Prussian General Staff with Kriegspiele or war game. Gladman goes on to discuss how important it is for red teams to avoid group-think (the red team all getting on one track and thus failing to present diverse, original scenarios) and mirror-imaging (the red team presenting scenarios in a 'this is how we'd act if we were them'"). To fight these tendencies, he suggests assigning a critical evaluator to each team member to foster an environment where they can voice objections and attempting to understand the specific nature of the operating environments complexity and the capabilities of the adversary, respectively. 

Organizations and Methodology
Gladman addresses the importance of culture and asserts that a direct reporting relationship to the commander or head of the lead agency is critical to the red team's success or failure. Additionally. the red team must engage in continual sharing of relevant information and findings with teams at each command level. The red team must be seen as a critical and legitimate part of the planning process, have freedom to challenge areas where they detect problems, and must be logically organised and applied at critical times during the study. Gladman (2007) writes that ideally, "there is robust interaction between, initially, the red and planning teams, and later between red and blue teams during pre-event exercises. Both teams must view this interaction as a 'win-win' versus a 'win-lose' prospect." This results in sharper skills and greater application. At this point he also highlights the importance of clearly understanding the mandate and its expected outcomes.

Composition of the Red Team 
Personality and subject matter expertise are both important to consider when selecting members of a red team. Someone may be professionally qualified, but they lack the temperament required for the task. He suggests some key team members e.g. a policy advisor (POLAD) to advise on policy issues and maintain a range of contacts across government departments, a team facilitator, to coordinate team discussions and identify assumptions and biases, and a Operational Research and Analysis (ORA) member, who helps decision-makers improve the effectiveness of operations or systems. Members must continue to learn and adapt, while being able to present their recommendations in a way that ensures appropriate attention. Gladman discusses how experience shows red teams often fail because they don't that the assignment seriously or don't have adequate exposure to the planning staffs and documents.

Process of Red Teaming
Gladman includes the this image, highlighting different functions (planning assumptions as "devil's advocate", developing "vignettes" or scenarios prioritized for impact and degree of risk, and carrying out exercises in the "opposing force" role, and finally assessing lessons learned) of the red team and how it leads up to the 2010 Vancouver Olympics.
Next he discusses useful tools for red teaming e.g. capturing thoughts and ideas, brainstorming and simulation software, and the matrix included below. The matrix assigns a level of risk (Low, Medium, High, Extreme) at the intersection of severity if it were to occur and likelihood of its occurrence. 
Gladman maintains that red teaming can create a mental framework much better prepared for the unexpected. 

Critique 
Gladman wrote that the paper's central argument was that, "military organizations which more easily welcome the challenging of assumptions and plans frequently fare better in the operations they undertake than those that do not." I didn't get a clear sense of that as much as I got a clear understanding of red teaming elements. After reading the paper I certainly think that's true, but I don't think it came through as the prevailing argument. Structure aside, I liked his idea of facilitating a win-win atmosphere. Instead of having the red team try to outwit the blue team or the blue team try to outplan the red team, he presented it as more collaborative. The red team's primary job is to provide the adversarial scenarios alongside the blue team, resulting in greater preparedness. It was also interesting to see him include devil's advocacy in the two-part role of a red team and also to read about the importance of direct communication with command. Additionally, I believe this was my first exposure to the Risk Assessment Matrix and I'd like to keep it in mind for future analyses. I like how it puts a structure behind the judgement. Overall, Gladman's paper was informative and extensive, providing useful explanations and direction.





6 comments:

  1. Jillian,
    An interesting finding of this summary on red teaming is the "freedom to challenge areas where they detect problems". This comment is similar to one in Billy's post when he discussed a source o failure as the lack of independence from bureaucracy. Although this finding initially surprised me, it makes sense. Our adversaries initiate action and react to events as they occur in real-time. By allowing red teams to operate with independence is one way we can emulate real-world interactions with our adversaries.

    ReplyDelete
  2. The author indicates that a common cause for failure is due to the red team not taking their task seriously. Does the author address how this can be prevented?

    ReplyDelete
    Replies
    1. Indirectly, yes. The author talks about failing to take the task seriously in tandem with the importance of having a relationship with and access to planning staffs and documents. If the red team is distanced from the planning process and is seemingly out of touch with the decision makers, then their logical response is to internalize that in a way that makes them think their efforts are unimportant. If the red team doesn't believe that decision makers will evaluate and take their findings into consideration, they are unlikely to take the task seriously.

      Delete
  3. Jillian,
    I think something that you mention here was also mentioned in Billy's post about communication and collaboration between the red and blue teams. I find this somewhat interesting. When I think of red teaming I generally mentally conceive of it as a wargaming exercise. When there is the insistence on collaboration within a red teaming exercise between the teams, I start to deviate from the idea of red teaming as war gaming and more into something very different. In this sense red teaming brings two opposing sides together in collaboration where the teams are encouraged to "fill the role" (so to speak) and then work together. Your thoughts?

    ReplyDelete
  4. This article hit on many important elements that make-up red teaming. I think an important aspect that can drive the success of a red team really derives from a robust leader. The outcome of the product begins by the leader's ability to inform, build, and lead a team to improve the result. Your critique addresses the win-win perspective, and I believe this is something a leader must do to set the tone between both teams. It would result in a more positive environment where both teams would feel they contributed equally.

    ReplyDelete
  5. Jillian this was a great article that hit on a lot of important points of read teaming. I found the part about "distinguishing between opposing force red team and risk assessment wherein the former assumes the adversary and situation is unknown and in the latter the threat is already known" particularly interesting. We coming up with an activity we talked about the weakness of red teaming, one of the main weakness we thought of was the need for the enemy and situation to be defined. So do you think red teaming is as effective if it is not defined?

    ReplyDelete