Someone has to keep us on our toes. Someone must verify that we’re not imprisoned by our own conceptions. Someone must do quality assurance tests on our security controls.
We need our red teamers, and we need them badly. “Defense in depth” security practice has become “complex in depth” and the security control stack, policies and administration has increased the likelihood of human error.
If you don’t have that someone in your organization, appoint one of the security folk that has a little more flair for mischief than the others. And of course, you can take the route of the “red team in a box” software platform such as Pentera.