I'm posting here Mike Denny's fantastic article for the Red Team Journal.
The Boston Marathon bombing, the plant explosion in West, TX, and ongoing events around the world represent the types of unexpected surprises that red teamers are expected to explore through planning, simulation, and modeling. When the unexpected occurs, how can the red team overcome the chaos, help control the situation, and manage the outcomes while less mentally prepared individuals curl up into a ball under their desks? Resiliency in thought, action, and organizations can be instilled through training, planning, and flexibility in decision making processes.
Terrorist attacks and active shooter scenarios present crises on multiple scales. Certainly there is the need to address initial triage and evacuation of wounded, security concerns, and the immediate questions of how and why the event occurred. In situations like the Boston Marathon bombing, there is also the need to maintain composure and move forward with the planning and execution of crisis events in multiple timelines both near- and long-term. A red team is incredibly useful in crisis scenarios because they spend a great deal of time thinking like an adversary and are cognitively comfortable with chaos and unpredictable events.
An organization can build resilience in their staffs by allowing these thinkers to execute rapidly based on imperfect information and supporting actions to get ahead of the adversary’s decision making process. Not only do government and business organizations need to be ready to respond to crises, but NGO and civic organizations help spread the robust response to the community at large. Crisis events require more emotional, physical, and mental energy than the daily grind. This requires some fitness and discipline among operational staffs to maintain a routine, eat right, and exercise to overcome the extreme mental and emotional exertion due to crisis events. Clear rule sets with well-rehearsed situational responses allow for an organization to auto-pilot minor events while preparing the individual mindset for crisis response.
RTJ Red Teaming Law #23 states Very little is as it appears to be. Create the hypergame and play it to your advantage. The Boston bombing search was an example of a mixed response to understanding the adversary’s mindset and motivations. While social media outreach campaigns by officials in Boston were very effective, shelter-in-place directives risked developing a populace with a fortress mentality. As John Robb, author of A Brave New War, stated in his blog on April 20th, “However, over the long run, I believe this ["shelter in place"] phrase is going to look as silly as ‘Duck and Cover’ does to today’s world. The reason is simple. As the number of disruptions increase, we’re going to face a choice. We can either stay under constant lock-down, or we can become resilient.” This quote captures the essence of alternative analysis in situations of homeland security crisis: one of the best weapons in a situation like the Boston bombing search is the collective, attentive eyes of a million vigilant residents.
The development of a resilient and vigilant community with the ability to identify potential threats and assist the government in preventing future events can be the goal of an empowered populace. The tools and conduits for a community already exist through civic organizations’ and government agencies’ presence on social media and traditional social networks. Organizations and government agencies have the ability to create the hypergame–in other words, establishing the playing field and forcing the adversary to mold to the rules of the situation. This reduces the power of the adversary, improving the predictability of outcomes and eventually leading to his defeat.
How does a red team assist with this? As RTJ Red Teaming Law #25 notes: The goal of a red team usually isn’t to find a needle in the haystack, it’s to help you see the haystack. An organization’s planning and operations staff–instead of casting a tri-state or multinational net to catch individual actors in a single event–helps predict the adversarial actions and tighten the response zone to an individual “haystack.” This level of detailed analysis allows for reduced resources and improved response time. These actions assist officials preventing organizational hysteria and paralysis by defining the problem to be solved instead of focusing on the potential “catastrophic outcomes” of an adversary’s actions. The fear and paralysis in action during a crisis are potentially as dangerous as the events causing the crisis; they can undermine organizational response and diminish the confidence of citizens or customers in the organization’s competence, which can in turn cause long-lasting effects. For instance, FEMA is still trying to shake the negative publicity from the events of Hurricane Katrina nearly 10 years ago. With proper planning and organizational mindset, crises provide a catalyst for organizational growth and change due to an unpredicted surprise. The red team can assist in growing the organization’s response plan to ensure that a future crisis does not needlessly waste resources while leaders and decision makers are waiting to respond.