It is likely that Sun Tzu has been quoted in dozens of InfoWarCon presentations over the years and Boyd’s OODA Loop makes an appearance every year. As security professionals, we often recognize the intersection of strategy and conflict with our field, but have done very little to document our own lessons learned.
Matt’s first professional red teaming engagement was in 1995 against Department of Defense classified systems and over 20+ years he’s run several hundred red teams, not only against U.S. and coalition partners, but against every critical infrastructure in the private sector and against concepts like U.S. government technology strategies for the Chairman of the Joint Chiefs and the war on terrorism.
This presentation draws upon over twenty years of experience to provide 20 lessons learned in red teaming to help guide and inform the next generation of red teaming. These lessons are not technical lessons, but rather the targeting strategies, communication dynamics, and strategic views informed by the diverse array of engagements and intended to be timeless observations.