report. A Red Team that tells the story of an engagement with simple facts can convey a strong message without blame. Even if an organization did poorly, the facts would be more than enough to get the point across.
Remember, a Red Team's job is not to demonstrate how elite their hacking skills are but to exercise a threat scenario that allows an organization to learn and improve their security. A Red Team's story should convey the significant failures that led to a successful compromise.
A good rule of practice is non-attribution, or not attributing failures to specific people. Many organizations blame security failures on certain individuals instead of recognizing organizational gaps or failures. Placing blame on individuals seems to present an easy fix but rarely improves security.
Bob in accounting clicking a phishing email is not why all intellectual property was stolen, and blaming him does not fix the gaps that allowed it.
On occasion, a Red Team may be presented with an unusually hostile person or possibly a hostile technical team. In these scenarios, defusing hostilities becomes just as important as the information being conveyed; otherwise, the information may not be ingested as intended. The Red Team can use three simple questions to begin defusing the situation.