Red Teaming: Why We’re (Mostly) Getting It Wrong | Red Team Journal

One aspect of today’s cybersecurity/infrastructure defense/counterterrorism challenge that we sometimes neglect under the press of daily demands is the fundamental imbalance between attacker and defender that continues to characterize the defender’s position. How so? In nearly every scenario we can imagine, the attackers enjoy more degrees of freedom than the defenders, and as a result, every defender in America today starts the day with one hand tied behind his or her back.

You know when we link to our friends at the Red Team Journal, good things are waiting for you to read. Everyone there, especially Mark Mateski, have a clear underdstanding of what Red Teaming is all about. This is the case of their latest post.

This is something we have mentioned before many times. We even have a rule for this (Rule 51). However, Mark and his team managed to articulate this is a way that I hope someone with the right kind of access, money and power can finally understand what Red Teaming is and why we needed to so badly.

I'll leave you here with their graphic.