20.3: Perform Periodic Red Team Exercises
Perform periodic Red Team exercises to test organizational readiness to identify and stop attacks or to respond quickly and effectively.
Asset Type |
Security Function |
Implementation Groups |
|---|---|---|
N/A |
N/A |
3 |
Dependencies
Sub-control 20.1: Establish a Penetration Testing Program
Inputs
Enterprise penetration test policy
Operations
- Examine the enterprise penetration test policy for the following properties:
Red team exercises are specified to occur periodically
Note the periodicity of expected red team exercises
Interview security operations personnel to determine the last time a red team exercise was performed
Measures
M1 = (Boolean) 1 if the enterprise penetration testing policy contains periodicity for red team exercises; 0 otherwise
M2 = Time of last red team exercise
M3 = Current time
M3 = Current time - maximum period between red team exercises
M4 = (Boolean) 1 if the time of last red team exercise is greater than or equal to M3; 0 otherwise
Metrics
Red Team Exercises
Metric |
Are periodic Red Team exercises required by the enterprise’s penetration testing policy?
|
Calculation |
|
Frequency
Metric |
Was the last Red Team exercise performed within the appropriate time period?
|
Calculation |
|