PRIVATE and PUBLIC SECTOR “RED TEAM” PRACTICES

Presenter: Walter “Pete” Lee - VP Operations
www.advantagesci.com
Objectives
- Provide an understanding of a Red Team exercise’s purpose and benefits
- Differentiate public and private sector Red Team practices
- Provide information on how to select a Red Team for evaluating physical security
- Provide best practices and lessons learned from both public and private sector Red Team exercises
What is a Red Team?
The term “Red Team” is used to define different processes across many industries:
- Independent review boards
- Internal review processes
- Adversary evaluations
- Challengers of operational concepts
Ultimately, a Red Team is either an organized, skilled group of individuals tasked to challenge assumptions and results, or an opposing team of skilled individuals that models the tactics of an adversary.
Red Team Exercises
A management tool used to reduce risk and to identify vulnerabilities and opportunities for change. It gives participants an understanding of their adversary’s tactics, capabilities, and vulnerabilities.
Purpose: To validate or identify perceived vulnerabilities or weaknesses in facilities, security plans, policies, procedures, and technology.
Performed by: Internal or external teams of specialists selected to meet the objectives, with expertise in:
- Physical security
- Electronic security
- Surveillance
- Computer security
- Social engineering
- Covert and overt entry
- Criminal and terrorist methodologies
Exercise Benefits (in general)
- Provides a means to exercise security technology, plans, and procedures against an adversary
- Identifies gaps in security systems, policies, and procedures
- Identifies shortfalls in equipment and training
- Improves security posture and awareness
- Challenges established thinking within an organization – “challenges the norms”
- Can provide additional support for needed improvements
Public vs. Private Sector
- Public sector Red Team practices
- Private sector Red Team practices
Exercise Development Steps
1. Obtain management “buy-in”
2. Forecast and obtain budget
3. Develop goals and objectives
4. Establish rules of engagement
5. Identify and brief the Red Team
6. Identify and brief a “Trusted Agent”
7. Conduct the exercise
8. After Action Review with recommendations
9. Mitigate gaps and risks
Red Team Tactics (Simulating the Tactics of the “Threat”)
- Open source information
- Data mining
- Social engineering
- Reconnaissance and surveillance
- Impersonations / false credentials
- Planning
- Rehearsals
Open Source Information
Types of information gathered:
- Routes to use for reconnaissance
- Facility photos
- Aerial photos
- Community attitude
- Law enforcement capabilities
- Demographics
- Crime rate
- Hate groups
Open Source Information (continued)
- Key management personnel and employees
- Phone numbers
- Email addresses
- Maps and pictures
- Existing contracts
- Requests for Proposals
- Security personnel and procedures
Red Team Tactics: Social Engineering
- Telephone calls
- Emails
- Personal meetings
Comments from people against whom social engineering was effectively used
- “He seemed like such a nice person”
- “I did not know that information I gave them was sensitive”
- “She knew the internal terms and department slang names we use around here”
- “He mentioned some of the people I know and work with around here”
- “She said it was for the Director”
- “How could I have given away any trade secrets, I don’t know any”
Red Team Tactics: Reconnaissance and Surveillance
- Types
- Purposes
- Equipment
- Methods
- Duration
Internal Team vs. Contract Team
Internal pros:
- More control
- Reduced labor cost
- Impromptu availability
- Flexibility
Internal cons:
- Evaluation objectivity
- Internal influence
- Organizational conflict
- Conflict of interest
- Training required
- Equipment cost
Internal Team vs. Contract Team (continued)
Contract pros:
- Objective view of true vulnerabilities
- Skilled professionals
- No training or equipment required
Contract cons:
- Third-party knowledge
- Cost
- Liabilities
Selecting a Contractor
Identify your objectives, then select the contractor based on:
- Requirements
- Qualifications
- Past performance
- Role player skill sets
- Insurance / litigations
- Specialty requirements
- Confidentiality
Red Team Member Attributes
- Well versed in the tactics and techniques of various adversaries, and able to learn and live the modus operandi of the threat being portrayed
- Mature and even-tempered
- Safety conscious
- Practices confidentiality
- Proficient in surveillance and countersurveillance
- Able to blend into the environment
- Outgoing and able to live the lie
- Able to think quickly on their feet (situational awareness)
- Knowledge of security policy and procedures, regulatory requirements, and best practices
Obstacles to Red Team Success
- Lack of organizational support
- Objectives not clearly defined
- Management views objectives as pass or fail
- Lack of exercise realism
- Organization refuses to accept findings
- Inexperienced Red Team
- Lack of coordination, or exercise conflicts with other events
- Failure to take action on findings
Security Trends Identified During Exercises
- Organizational procedures not being followed
- Security personnel not adequately trained in “use of force”, search, or detention procedures
- Over-reliance on passive security measures
- Lack of employee security awareness
- Security technology and barriers not properly deployed or utilized
Lessons Confirmed or Realized After Exercises
- Open source information is a vulnerability – review the information being released to the public
- Security is undermanned – security should not be the first budget cut, and positions must be manned smartly
- Security badges can be easily duplicated – passive security is not reliable; active security and authentication should be used
- Lack of ability to conduct security trend analysis – log and analyze security and suspicious incidents
- Lack of effective employee communications and information sharing – reinforcement of security training for employees is crucial; untrained staff create a weak link
Exercise Best Practices
- Red Team exercises should not be relied on as the only tool for risk mitigation
- Performed in conjunction with a vulnerability assessment
- Exercises are performed on a regular basis
- Objectives are well defined
- Ensure management support and “buy-in”
- Use a qualified team
- Results are actionable
- Benchmarking
QUESTIONS?

Walter “Pete” Lee - VP Operations
plee@advantagesci.com
(310) 536-9876
8(a), SDVOSB, MBE, WBE, SDB, GSA