The Use of Red Teaming in The Corporate Environment: A Study of Security Management, Vulnerabilities and Defence
Document Type
Conference Proceeding
Faculty
Faculty of Computing, Health and Science
School
School of Computer and Information Science / Centre for Security Research
RAS ID
5481
Abstract
This study explored the use of red teaming within the Western Australian mining sector. Red teaming is the formation of a team of experts with the goal of attacking a company’s infrastructure, with permission to find flaws and weaknesses in their security. A series of interviews were conducted with security professionals within the mining sector to gauge the level of red teaming knowledge and to investigate the current security red teaming practices. The study interviews demonstrated a lack of security testing within the mining industry. However, the interviews indicated that companies would find value in using red teaming exercises to evaluate the level of security in their current systems, in particular, security vulnerabilities. Furthermore, the intention of this study was to provide foundation information regarding red teaming. This approach allowed the development of a proposition to focus on the introduction and use of the red teaming methodologies within the corporate security environment. Such a proposition allows an interpretive inquiry to develop, test and measure a corporate red teaming model.
Comments
Lane, G., & Brooks, D. (2008, December). The use of red teaming in the corporate environment: A study of security management, vulnerabilities and defence. In Proceedings of The 1st Australian Security and Intelligence Conference (p. 77).