Izvorni znanstveni članak
https://doi.org/10.37458/nstf.25.2.1
The Creator Destroyer method - an exploration into a non-rational approach of red teaming
Djie Han Thung
Willem Leeuwenkamp
Giliam de Valk
Sažetak
In this article, we focus on a new perspective for asymmetric red teaming. In asymmetric red teaming, there are two issues that are problematic to deal with. Firstly, to red team it is advised to bring in external people for a fresh view, but this may cause problems for reasons of sensitivity. Secondly, although creativity is highly valued, there is an implicit rationality bias in the thinking of most professionals.
In the Netherlands, a method has been developed – and tested – that has a high potential to address both issues at the same time. Firstly, the exercise is designed such that it will detach the security officers from their daily routine and thinking. As part of it, the participants have to invent – and play – a mythical persona, with mythical powers, that are a threat for the interests they must protect. This approach will get the officers out of their daily routine, and lead to a free way of thinking – detached from their daily work. Above that, the mythical powers of their persona trigger a creative approach on finding possible new modus operandi. This way, the first issue – just to work with your own team and at the same time come to fresh creative views as if you are an outsider – can be addressed.
Secondly, also the rationality bias will be addressed. By developing and playing mythical persona, the process of creativity taps in into a deeper, subconscious, level. You tap in to the deeper level of archetypes and non-rationality. The participants can leave behind their rationality bias that permeates the western (labor) culture.
Thirdly, an extra element has been built in the method. By handing out cards, the participants are asked to reflect on certain emotions and sins in the context of their security issue. It leads to an additional layer of creativity on top of the other ones. In one of the exercises, for example, a participant drew the card on vanity. The outcome was that if someone like a prime minister would visit the organization, the head of security would not leave the welcoming to the subordinates, as it should be conforming the protocol. The head of security would personally come downstairs instead to welcome this guest, as this visit would be the career highlight. Meaning that when the stakes are the highest – the most vulnerable guests possible are visiting your organization – the coordinator is not in place when something happens.
The exercise can be carried out within two hours. If a guided come-back-hour within a week is held, this will lead to additional results. The method needs special attention in the way it is carried out. Firstly, the framing of the exercise – before the actual exercise is started – is crucial. Only then the free-thinking process really takes off. Secondly, during the exercise, the facilitator of the exercise never at any moment interferes with the contents of the process.
Ključne riječi
red teaming, security design, non-rationality, irrational unknowns, residual threat
Hrčak ID:
323884
URI
Datum izdavanja:
17.12.2024.
Posjeta: 0 *