The modern, globalized world relies on cyber infrastructure and information systems for government operations, business dealings and everyday personal life. Computers are at the heart of most everything we do, yet computer technologies are not inherently secure. They can inadvertently make a wealth of information available to anyone with the know-how to penetrate those systems. This creates serious security risks for governments, individuals and businesses.
For these reasons, cyber security is one of today’s fastest growing fields. It is applicable to the business world in many ways, from guarding financial information, technological innovations, and business strategies to judging the potential efficacy and security of new business plans and operations. This is where the concept of “cyber red teaming” — a delicate combination of ethical hacking and alternative analysis used by businesses and governmental bodies alike — comes into play. In the online Master of Business Administration with a Concentration in Cyber Security program at the University of Texas at Tyler, candidates will gain knowledge of and experience with red teaming, an important component of evaluating and addressing a business’s cyber security risks.
What Sorts of Threats Do Cyber Attacks Pose?
The National Strategy to Secure Cyberspace states, “Cyber attacks on United States information networks can have serious consequences such as disrupting critical operations, causing loss of revenue and intellectual property, or loss of life.” Although this statement is clearly made from the national security perspective, the same risks exist in the business world. Competing businesses or private interests could be stealing new software or product design details, installing malware to disrupt company operations or delay product launch, or pursuing other malicious goals.
How Can Cyber Threats Be Countered or Prevented?
At the time The National Strategy to Secure Cyberspace was created (2003), the field of cyber security was in its infancy. The strategy states that effectively countering cyber attacks “requires the development of robust capabilities where they do not exist today.” The private sector is uniquely suited to address the development of national and private cyber security practices and technologies. According to the strategy, public-private engagement and partnerships are the key to building strong cyber defenses.
The field has seen rapid progress since then, in large part due to work in the private sector. Along with the many security-enhancing technologies and “robust capabilities” that security experts have developed and implemented, preventive practices like red teaming have been used to test the security and vulnerability of cyber systems.
What Are the Basic Components of Red Teaming?
The concept of red teaming has been used to test for vulnerabilities or weaknesses in many plans, strategies and systems, whether they are security designs, military plans or even business models. The essence of red teaming is to have a group of experts take an adversarial role and look for vulnerabilities in a system by trying to attack or break it. Where the “blue team” designs the system and tries to make it infallible, the “red team” acts as the antagonist, mimicking the mindset and actions of a military enemy, business competitor, or any other entity that may try to exploit weaknesses in the system.
In the world of cyber security, red teaming is used to test computer system security. Expert cyber security professionals are tasked with playing the part of the adversary and hacking through the employer’s security system to expose any faults in the system that developers may have overlooked. Security teams can do this in simulation or in actuality. Unfortunately, these tests can expose the system to real-time risks. And although it falls under the umbrella of “ethical hacking,” cyber red teaming poses many ethical and legal considerations, so organizations should use this practice judiciously.
Computer technology is advancing at an exponential rate, with developments in hacking technologies and cyber attack techniques keeping pace. Red teaming can help cyber security professionals mitigate and counter these current and developing security threats.
Learn about the UT Tyler online MBA with a concentration in Cyber Security program.
Sources:
SANS Institute: Red Teaming: The Art of Ethical Hacking