Skip to Main Content
Over time, network threats change, so a computer network defense system must be periodically tested to assess its true ability. Within the computer network arena, organizations are using cyberexercises to test reactions to security attacks and penetrations. Cyberexercises take a variety of forms; one of the most popular pits an attacking red team against network, system, and security administrators. Red teams are a popular way to test an organization's security posture, but proceeding too quickly with this kind of exercise can be counterproductive. Examining network security from a comprehensive organizational viewpoint raises several interesting questions: When are red teams and technical exercises appropriate? What aspects of network security do these types of exercises test? What alternative cyberexercises might be more suitable?.