How purple teams deliver actionable data to security pros
April 2, 2021 – Article posted on SC Media
In this article, GuidePoint Security’s Victor Wieczorek examines why CISOs are looking at purple teaming exercises as effective methods to reduce risk beyond traditional means such as penetration testing. From healthcare to utilities to government agencies, CISOs are using analysis and reports from these purple team assessments, where both red teams (offense) and blue teams (defense) work collaboratively to assess an organization’s systems, uncover areas of vulnerability and exposure, and report to the board organization’s overall cybersecurity posture.
Traditionally, cybersecurity has been an afterthought as organizations leverage technology advances and roll out new tools and features. Even within security, functions often occur within silos – and critical context is missing.
When people think about the purple team concept, combining red and blue teams makes sense. By working together organizations can have an open discussion and lines of communication between the teams to drive a more practical and meaningful assessment. Deploying these red and blue skills while armed with the understanding of the industry, the key assets, and the customer’s cybersecurity concerns allows for meaningful tests to be crafted with the proper context. Purple Team Assessments combine the pros of red and blue teams while eliminating the cons of doing these in silos, ultimately giving organizations a more collaborative, integrated and robust approach to addressing security issues.
There are four important stages to a purple team assessment…
Read More HERE.