Security defensive blue teams failing to catch offensive red teams

Large enterprises and organisations regularly conduct these exercises (which is good). Unfortunately the defenders aren’t doing a good job of stopping the attackers. This is why I got into promoting cyber deception as a way of detecting attackers moving laterally around an organisation…:

A new study from Exabeam has revealed that more than one-third of security professionals' defensive blue teams fail to catch offensive red teams.

The survey also showed that 68% find red team exercises more effective than blue team testing, and more companies are practicing red over blue team testing.

As cyber-attacks become increasingly sophisticated and hack techniques become more highly targeted, organisations must learn how digital adversaries think to help identify gaps in their security programs.

Red teams consist of internal or hired external security professionals that emulate cybercriminals’ behaviours and tactics and gauge the effectiveness of the company’s current security technologies.

Blue teams consist of the organisation’s internal security personnel, tasked with stopping the simulated attacks.

In these test scenarios, the blue team must react without preparation, to give the company the most realistic picture of its defensive capabilities.

The study showed that 72% of respondent organisations conduct red team exercises, with 23% performing them monthly, 17% quarterly, 17% annually, and 15% bi-annually.

[…]

Only 2% say they always stop the red team, emphasising that organisations must constantly evaluate and adjust their security investments to keep up with today’s adversaries. 

[…]

Original article here

Peter Glock
Over 30 years of designing, building and managing telecoms and IT services. Primarily working with large enterprise and professional services businesses in Asia, North America, continental Europe and the UK. Information security professional, secret physics nerd.
https://brownglock.com
