Red Teams generate data that helps advance our firms’ security and resilience, and we need a way to plan for, measure, and report on our capacity to do so. Data, without confidence that it’s accurate, is more or less useless, and we hope this CMM can help bridge the gap that often exists between Red Team and the business by providing consistent messaging on a team’s ability to simulate a threat.
If you missed the links above, you can find the model at https://www.redteammaturity.com. From there, you can get links to my GitHub to download the model in other file formats and contribute to the model. The website also has a longer post that digs into some of the definitions and other considerations from the drafting process if you want to learn more.
© 2023 FS-ISAC, Inc. All rights reserved.
Brent took the scenic route to security, starting outside the technology field altogether before seeing the light. Prior to his current role leading the Red Team at Humana, he held positions in...Read More
security engineering, threat intelligence, and counterintelligence. What remained consistent throughout his career change was his love of poking holes in things and communicating the results to a variety of audiences in a way to which they can relate.