The Use of Red Teaming in The Corporate Environment: A Study of Security Management, Vulnerabilities and Defence

Document Type

Conference Proceeding

Faculty

Faculty of Computing, Health and Science

School

School of Computer and Information Science / Centre for Security Research

RAS ID

5481

Comments

Lane, G., & Brooks, D. (2008, December). The use of red teaming in the corporate environment: A study of security management, vulnerabilities and defence. In Proceedings of The 1st Australian Security and Intelligence Conference (p. 77).

Abstract

This study explored the use of red teaming within the Western Australian mining sector. Red teaming is the formation of a team of experts with the goal of attacking a company’s infrastructure, with permission to find flaws and weaknesses in their security. A series of interviews were conducted with security professionals within the mining sector to gauge the level of red teaming knowledge and to investigate the current security red teaming practices. The study interviews demonstrated a lack of security testing within the mining industry. However, the interviews indicated that companies would find value in using red teaming exercises to evaluate the level of security in their current systems, in particular, security vulnerabilities. Furthermore, the intention of this study was to provide foundation information regarding red teaming. This approach allowed the development of a proposition to focus on the introduction and use of the red teaming methodologies within the corporate security environment. Such a proposition allows an interpretive inquiry to develop, test and measure a corporate red teaming model.

This document is currently not available here.

Share

 
COinS