The concept of the game Red Rover is simple – two opposing teams, each with all its players holding hands. They take turns sending one player to “attack” the other side, by finding the weakest link and infiltrating the line – bringing new meaning to “brute forcing” one’s way in. From the “attackers’’ vantage point they can choose how and where to try and break through. One point or moment of weakness, and they revel in their success.
The parallels to cybersecurity are clear, and the skill it takes to be a red teamer would indeed make the playground a great place to recruit. If this next generation of red teamers manage to successfully penetrate the chain, ask yourself what would happen in “the real world.” It’s time to take the defense to the next level and leave play to the kids. By emulating real attacks you can validate your security controls, begin to sense your readiness, and eliminate the weakest link. So go ahead, send Patrick right over.