Sign up to save your podcasts
Or
Share Managing Uncertainty Podcast - Episode #57: Red Teaming
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
Managing Uncertainty Podcast - Episode #57: Red Teaming
In this episode of the Managing Uncertainty Podcast, Bryghtpath Principal & CEO Bryan Strawser takes a look at using physical security penetration testing order to improve and mature the physical security of a facility or organization.
Topics discussed include physical security penetration, red teaming, authorizations, tools, techniques, and more!
In addition to this episode, this article from our blog providing an overview of Physical Security Penetration Testing may also be valuable.
Episode Transcript
Bryan Strawser: Hello, and welcome back to the Managing Uncertainty Podcast. This is Bryan Strawser, principal and CEO at Bryghtpath, and I’ll be solo on today’s episode where we’re going to be talking about physical security penetration testing or red teaming, and I want to give a little bit of background as we get into this topic.
What we’re really talking about here is understanding the physical security vulnerabilities of a facility or an organization kind of writ large, looking at multiple facilities. As we think about how to protect locations like this, a lot of security breaches, even information security breaches, occur when attackers take advantage of some type of physical security deficiency or vulnerability that lets them gain unauthorized access. This is really common with disgruntled ex-employees or sophisticated crime rings or some other nefarious entities who will employ sophisticated attack techniques and methods to exploit those vulnerabilities, those deficiencies, to gain unauthorized access to a company’s assets and facilities.
Bryan Strawser: Once they’ve breached into that trusted environment, they can then steal hard assets, so physical objects, cash, other remittance capabilities. They can take intellectual property, they can install equipment that acts as an advanced persistent threat in a physical sense, and it can otherwise cause serious disruption to your organization. When we think about the physical security of a facility, we often don’t always realize the misconceptions that might be in place. For example, large manufacturing and distribution organizations, facilities rather, often have fencing, and on that fencing, they may install surveillance equipment, CCTV or something similar, but if that feed is not monitored and those alerts are not reacted to, then it is very easily and quickly able … You’re very quickly and easily able to penetrate that facility because what you have instead is a record of what has happened rather than a tool that has helped you keep the bad guy out of your facility.
Bryan Strawser: A lot of organizations, it’s astonishing, but many organizations are just not aware of the blatant flaws in their physical security approach until something happens.
Bryan Strawser: So that’s what we want to talk about today is how physical security penetration testing can help you detect vulnerabilities in your security systems and your approach to defense in depth from a physical standpoint and how we’re able to use physical security penetration to test and probe that.
Bryan Strawser: So the objective of physical security penetration testing is to assess the ability of current physical security controls to prevent penetration by bad actors and then t
View all episodes
By Bryghtpath LLC
5
99 ratings
In this episode of the Managing Uncertainty Podcast, Bryghtpath Principal & CEO Bryan Strawser takes a look at using physical security penetration testing order to improve and mature the physical security of a facility or organization.
Topics discussed include physical security penetration, red teaming, authorizations, tools, techniques, and more!
In addition to this episode, this article from our blog providing an overview of Physical Security Penetration Testing may also be valuable.
Episode Transcript
Bryan Strawser: Hello, and welcome back to the Managing Uncertainty Podcast. This is Bryan Strawser, principal and CEO at Bryghtpath, and I’ll be solo on today’s episode where we’re going to be talking about physical security penetration testing or red teaming, and I want to give a little bit of background as we get into this topic.
What we’re really talking about here is understanding the physical security vulnerabilities of a facility or an organization kind of writ large, looking at multiple facilities. As we think about how to protect locations like this, a lot of security breaches, even information security breaches, occur when attackers take advantage of some type of physical security deficiency or vulnerability that lets them gain unauthorized access. This is really common with disgruntled ex-employees or sophisticated crime rings or some other nefarious entities who will employ sophisticated attack techniques and methods to exploit those vulnerabilities, those deficiencies, to gain unauthorized access to a company’s assets and facilities.
Bryan Strawser: Once they’ve breached into that trusted environment, they can then steal hard assets, so physical objects, cash, other remittance capabilities. They can take intellectual property, they can install equipment that acts as an advanced persistent threat in a physical sense, and it can otherwise cause serious disruption to your organization. When we think about the physical security of a facility, we often don’t always realize the misconceptions that might be in place. For example, large manufacturing and distribution organizations, facilities rather, often have fencing, and on that fencing, they may install surveillance equipment, CCTV or something similar, but if that feed is not monitored and those alerts are not reacted to, then it is very easily and quickly able … You’re very quickly and easily able to penetrate that facility because what you have instead is a record of what has happened rather than a tool that has helped you keep the bad guy out of your facility.
Bryan Strawser: A lot of organizations, it’s astonishing, but many organizations are just not aware of the blatant flaws in their physical security approach until something happens.
Bryan Strawser: So that’s what we want to talk about today is how physical security penetration testing can help you detect vulnerabilities in your security systems and your approach to defense in depth from a physical standpoint and how we’re able to use physical security penetration to test and probe that.
Bryan Strawser: So the objective of physical security penetration testing is to assess the ability of current physical security controls to prevent penetration by bad actors and then t