{"id":491239,"date":"2017-04-03T09:02:00","date_gmt":"2017-04-03T07:02:00","guid":{"rendered":"http:\/\/nhub.news\/?p=491239"},"modified":"2017-04-03T11:10:15","modified_gmt":"2017-04-03T09:10:15","slug":"uk-leading-in-using-red-team-cyber-security-testing","status":"publish","type":"post","link":"http:\/\/nhub.news\/fr\/2017\/04\/uk-leading-in-using-red-team-cyber-security-testing\/","title":{"rendered":"UK leading in using red team cyber security testing"},"content":{"rendered":"

Red teaming is set to become a key approach to ensuring cyber security controls and processes are fit for purpose and compliant with regulations, and the UK is leading the way.<\/b>
In the face of increasing data protection regulations and cyber security threats, red team testing is an essential tool to find out just how susceptible organisations are to cyber attack.
This is the view of risk management and red teaming expert Justin Clarke-Salt , managing director and co-founder of Gotham Digital Science, a Stroz Friedberg company.
The concept of an adversarial team, or red team, defensive team, or blue team, has been common in the energy sector among others that operate in hostile environments for decades.
As cyber attacks make cyber space an increasingly hostile environment for all organisations that rely on the internet, red teaming is likely to become a common element of cyber defence efforts.
In 2015, the UK finance industry launched the CBest threat intelligence-led cyber resilience testing framework , which embodies the red teaming approach.
CBest is designed to find out how susceptible the big operators in the UK financial services sector are to highly advanced attackers like national state attackers, national state sponsored attackers and organised crime attackers.
Typically the cyber resilience of an organisation is tested by running simulated cyber attacks using various threat intelligence-based scenarios, and often without warning the participants.
Since 2015, regulators in the financial hubs of Hong Kong, Singapore, Europe and the US have looked at this with a lot of interest.
\u201cRegulators are asking critical organisations to prove they have the appropriate controls in place, and it is not just in the financial sector, where CBest is already up and running,\u201d he told Computer Weekly.
Similar approaches are in development for telecoms, nuclear and even for space in the UK. \u201cSo it is being looked at by various regulators,\u201d he said.
This increased pressure from regulators worldwide will push in-house red teaming capabilities to accelerate in 2017, according to the Stroz Friedberg Cybersecurity Predictions report.<\/p>\n

\u00a9 Source: http:\/\/www.computerweekly.com\/news\/450416013\/UK-leading-in-using-red-team-cyber-security-testing<\/a>
\nAll rights are reserved and belongs to a source media.<\/span><\/p>\n