Red Team Exercises
A Red Team Exercise is an all-out attempt to gain access to a system by any means necessary, and usually includes cyber penetration testing, physical breach, testing all phone lines for modem access, testing all wireless and RF systems present for potential wireless access, and also testing employees through several scripted social engineering and phishing tests. These are real life exercises carried out by an elite small team of trained professionals that are hired to test the physical, cyber security, and social defenses of particular system
Our industrial clients are typically not in control of all aspects of the security of their systems. In many cases they have outsourced the physical security to one outsourced organization, the cyber security monitoring to another entity, and may also use contractors and outside firms for securing the IT systems. Since all it takes is the weakest link for a security breach to occur, it is important to test all facets of a security program to determine where the breaking points exist. For this reason, we advocate using a Red Team Exercise to mimic the same process that a motivated attacker would follow to map out an organization’s infrastructure, perform reconnaissance at key physical installations, and then test the physical, cyber, and social defenses all at once through a staged exercise.
We have performed over a dozen of these exercises on both corporate office and industrial plant locations, and we have the resources, methodology, and experience to perform these tests in a safe manner that does not impose any operational risk to our clients.