Saturday, September 29, 2018

The Defense Science Board: The Role and Status of Red Teaming Activities


In 2003 the Defense Science Board prepared a report for then Secretary of Defense, Donald Rumsfeld, on red teaming.  The report is broken down under seven sections:

1       -Introduction
2      -What Are Red Teams And Red Teaming?
3       -What makes an Effective Red Team?
4       -Observations About Current Red Team Activities
5      -Red Teams At The Strategic Level
6      -Conclusions
7      - Recommendations

The report indicates that the Defense Science Boards takes on a rather broad role in their definition of red teaming.  In their definition, they not only describe playing the adversary role as important but include devil’s advocate and other similar roles.  They justify this definition due to the shared goal of challenging the norms of an organization.  The board states that red teaming can be used by the Department of Defense at the strategic, operational and tactical level for a variety of areas. Red teaming can and is currently used by the DoD in training, concept development, security of complex networks, and for scenarios that provide little flexibility such as nuclear weapon stockpile issues (DSB, 2003). Red teaming can also be used to hedge against bias, conflict of interest and against inexperience which is common in the DoD and OGA due to short leadership tenure (DSB, 2003).

In detailing what makes an effective red team, the defense science board indicates common causes of failure as well as attributes that create effective red teams.  The top failure listed was when a red team does not take their assignment seriously. The authors of the report include an additional note about this failure from task force members, the TF members explain that they have often never been provided a clear statement of purpose when assigned to a red team (DSB, 2003). Other failures listed include:

-         - Lack of independence due to bureaucracy,
-          -Removal from the decision-making process
-          -Inadequate interaction with the blue team
-         - Destruction of the integrity of the findings due to information leaks

 After addressing those failures, the Defense Science Board details the attributes of effective red teams and identifies the following:

-         - A culture that supports internal criticism
-          -Independence with accountability
-          -Serious consideration of the red team’s output
-         - Robust interaction between red and blue team
-          -Careful selection of staff
-         - Skillful timing and implementation (using them too late, or too soon)

The report ultimately concludes that red teaming is effective and underutilized by the DoD and it should be expanded.  The Defense Science Board indicates that for the U.S. to better understand their current adversaries in the war on terrorism and to prevent complacency, red teaming must play a role.


Defense Science Board Task Force. (2003). The Role and Status of DoD Red Teaming Activities. Department of Defense. Retrieved from https://fas.org/irp/agency/dod/dsb/redteam.pdf

9 comments:

  1. Billy,
    For an exercise that inherently challenges the norms of an organization, I agree that a lack of clear purpose can pose a problem for red teaming in practice. For those within the organization tasked with the responsibilities of acting as an adversary, not only must they adopt a new perspective but they must undertake the task seriously if it will prove to be a worthwhile activity. Ensuring that the red team members understand the reason for this task and how it will help the organization in the long run seems to be a critical first step in a successful red teaming exercise.

    ReplyDelete
    Replies
    1. Sounds like a tough task for leadership. I imagine during periods of no war this it is extremely hard for military leaders to maintain motivation to continue fighting a fake OPFOR

      Delete
  2. Did the report refer to membership of red teams in the section titled "What Makes An Effective Red Team?" I feel like this is something that DoD would consider that is an important factor in the red teaming process.

    ReplyDelete
  3. The failures and attributes listed for DoD red-teaming all come down to execution on the part of the red-team itself. As Todd said, clarity in purpose may be important, but I think a establishing and communicating a clear direction may be of even more importance to combating some of the execution failures. Those using red-teams are usually on the defensive and at an obvious disadvantage because of the wide range of offensive possibilities. Harry's article spoke to expanding the range of possibilities as being an advantage of red-teaming. However, without proper direction, this exercise can manifest into divergent thinking. Although its important to understand ALL adversary possibilities, providing the team with a clear sense of the objectives of both the exercise and the greater strategic mission at hand will help mitigate execution failures.

    ReplyDelete
    Replies
    1. I think expanding the realm of possibilities is good, however I agree that divergent thinking could occur and potentially become unrealistic.

      Delete
  4. A distinct concept of red teaming includes considering the adversary's possible actions. An obvious way to do this is to base it off of previous actions by the opponent. A significant factor in red teaming is preparing for the unknown. What if the opposition completely changes their usual operation process? This is what remains difficult to detect. I think the DoD and other agencies have increasingly taken this into account and no doubt there is always room for improvement. Other possibilities may arise if the team is better managed. I agree with Bryant that it may well be internal.

    ReplyDelete
    Replies
    1. Considering today's modern military conflicts are against terrorist organization, I think the idea that a group could switch up doctrine is very much in the realm of possibility and needs to be considered.

      Delete
  5. Bryant brings up a really good point a lot of the errors of red teaming is execution errors not errors in red teaming itself. So is there a best practice to over come some of these execution errors or do you believe that the heavy reliability on the leadership is an error of red teaming itself?

    ReplyDelete