A Team of Teams
How We Transform Your Cyber Posture. Together.
Cyber criminals and other bad actors operate under many of the same paradigms as insurgents and other asymmetric threats. General McCrystal is one of the world’s leading experts in counterinsurgency, and his seminal work, Team of Teams, serves as our playbook for moving beyond the ineffectual, IT-centric approach prevalent within the SMB. Cybersecurity is more than just a team sport. It is a Team of Teams sport. Our transformation process addresses the critical linkage between the governance team and the tactical teams focused on execution. We start with your organizational strategy, isolating the essential capabilities and capacities requisite for its execution. We then focus on the key logistics of reinforcement, narrowing both the talent and program management gaps. We do this through the introduction of our Virtual Red Team in addition to Purple Team collaboration, reinforcing your IT function and closing the talent gap. Our multi-disciplinary, pre-integrated program plan keeps progress deliberate and managed, leading to an eventual true resilience. We incorporate a fractionalized Virtual Red Team model to provide the benefits associated with having Chief Information Security and Privacy Officers on retainer, while the remainder of the Red Team acts as a well-equipped supporting staff of professionals; both of which are typically beyond the budget for a majority of the organizations within the SMB space.
Blue Teams
Traditionally, Blue Teams are defined as a group consisting of the information technology or IT function. However, this definition is remarkably inaccurate in practice, as the Blue Team actually consists of anyone who manages technology within the organization. This can include members of the marketing team who manages web pages to network administrators who manages the configuration of firewalls — all are members of the Blue Team. This is an important concept to understand, as traditionally defined Blue Teams may not always have jurisdiction over certain technologies, because they are managed by a different function in the organization. These technologies are nevertheless susceptible to cyber-attack and must therefore be subject to the policies of a Cybersecurity & Privacy Program — subject to the implementation of information security controls.
Red Teams
Red Teams are defined as the individuals with information security-related knowledge, skills, and abilities who collaborate with the Blue Team by providing guidance on how to implement, operationalize, and maintain aspects of an organization’s Cybersecurity & Privacy Program. Therefore, these knowledge, skills, and abilities need to cover a diverse range of topics, such as Governance, Risk Management, Compliance Management, and Information Technology, just to name a few. Furthermore, these individuals typically assume a ‘white hat’ perspective, testing the information security capabilities of an organization for potentially exploitable weaknesses. This is an important information security concept, as Blue Teams, the group responsible for implementing information security controls, cannot be the group who determines the effectiveness of those controls, owing to potential conflicts of interest. Said differently, the Blue Team cannot be allowed to grade its own homework and the Red Team is responsible for ensuring that they don’t.
Purple Teaming
The practice of Purple Teaming is an essential component of an effective Cybersecurity & Privacy Program. Purple Teaming describes the collaboration between Blue Teams and Red Teams. This collaboration is communicative and multi-leveled, occurring throughout the various levels of your organizational chart. From the network administrator to the chief information officer, all of them are kept informed and are guided through the process of implementing, operationalizing, and managing relevant aspects of the organizational Cybersecurity & Privacy Program.