For the past ten years, I’ve been a member of, lead, or builder of Red Teams. I chose to continue in this career path so long because I believe that Red Teaming is one of the, if not the best, way to identify, assess, and ultimately reduce risk. The demonstration of risk through simulation outperforms all forms of theoretical security (forms where we review how “an attacker could.”)
Regardless, we as Red Teamers still struggle to convey our ideas to executive leadership teams. A unique problem space exists in regards to delivering the highest quality translation of our results that will lead to maximum impact. We can only achieve this through storytelling, data, and up leveled dialogue.
My intended audience for these briefs is the following:
- Red Teamers who intend to up level their ability to convey results to executive leadership (VP+, CEO, CFO, CSO, CISO)
- Executive Leadership (VP+, CEO, CFO, CSO, or CISO) who seek to better understand the outcomes of Red Teams that exist within their Security organization
- Executive Leadership that do no have a Red Team in their Security organization and are seeking to learn more about the benefits
I hope to provide value to all these audiences so we can improve our ability defend organizations from modern day threats.
Red Team brief 