1 Red Teaming is an excellent training tool. It teaches skills to security officers that enable them to handle threats on an ongoing basis so that when the officer is confronted with ‘the real deal’ he already has experience under his belt. Without red teaming, the officer has neither the skills nor the experience they need. Having officers on both sides of the red team, including the adversarial role is a critical part of training.
2 Red teaming provides performance metrics. It makes it possible to know if security is doing a good job without the ramifications of a real incident. It also pinpoints if a particular officer or function area is failing or succeeding. An application like Guardian by Chameleon allows the client and security company to track and share inspection and red team results, training and statistics. It’s important to note that conducting red teams only to check performance is not enough. These tests need to be followed up immediately with changes or training. The mission of red teaming is to foster improvement and push change.
3 Red teaming automatically increases awareness on the part of security officers, supervisors and staff. When they know the threat and how an adversary works via methods of operation, they understand what to be aware of. Red teams should be used not only with the security team but for anyone who has a security role, even tangential, such as receptionists and mail room operators.
4 The best qualification tool around to determine if an individual is qualified to do a given job is via red teaming. A good practice is to have a seasoned officer mentor and shadow new security staff and have him red team the officer on every required task or duty. Surveillance detection? X-ray machine operation? The person conducting the qualification can check off the tasks as part of a red team.
5 Accountability. Every security manager (and for that matter any manager) has heard the phrase “But nobody told me…” Red teaming is a great way to drive accountability. A good practice is to maintain a Red Team file that officers are required to read and sign off on, prior to their shift. Learning from red teams conducting on others is immensely valuable.
6 The Security SOP should be constantly modified and improved. Red teams guide that process in direct relation to threats. The vulnerabilities that are exposed during testing should immediately be closed by procedural means.
7 Technology Checks. Red teams may expose issues with security technology. Perhaps a magnetometer was not correctly calibrated and did not detect a knife. Red teams can reveal where the technology falls short of a solution which in turn may dictate an adjustment in procedures. How for example to deal with people in wheelchairs being screened via a metal detector.
8 Regulatory compliance is an area where red teams can play a part. Some of our clients are under government contracts that require security systems be constantly checked. The Patriot Act stipulates that quality assurance be conducted on an ongoing basis and a red team program would satisfy this requirement.
9 Motivational Tool. Red teaming is a powerful tool for weeding out slackers and officers who are not a good fit for the role. For officers who see security as a calling, who are responsible and want to be effective in countering threats, red teaming motivates.
10 Every security manager can relate to the struggle to justify the allocation of security resources. When a threat is not realized, there is no obvious justification. Red Teaming reveals the need for resources and shows too whether or not current resources are being used effectively to mitigate and prevent threat.