Survey Says: Improve Your Security Posture by Purple Teaming

Key Takeaways from Research by CyberRisk Alliance and PlexTrac

Survey says: Improve your security posture by purple teaming! PlexTrac recently partnered with CyberRisk Alliance to conduct a research study on the maturity of security teams based on purple teaming practices. This research focused on a few key topics:

  • Adversarial emulation
  • Red and blue teaming
  • Purple teaming and more.

The results, which came from 315 security practitioners from the United States and Canada, uncovered several important takeaways that are sure to influence the information security industry now and in the future.

If you prefer to get your information through video, PlexTrac CEO Dan DeCloss joined a webcast with the CyberRisk Alliance Team where they discuss the survey results in depth.

Let’s get to the takeaways!

Red and Blue Teams Are Facing Technical Difficulties, and There’s a Proactive Solution

Many enterprise security organizations follow the red and blue framework when it comes to constructing their teams. However, members of these red and blue teams are reporting challenges that a more proactive, purple approach clearly eases.

Some of the most reported challenges for red/blue teams are siloed data and inability to get data analytics (51 percent), limited resources (46 percent), and a process that takes too long (36 percent). 

In today’s fast-moving information security industry, what are these red and blue teamers to do? By being more strategic and proactive in their testing methods through purple teaming activities, like adversary emulation and tabletop exercises, teams can gain valuable insight that will help them do their jobs better. These exercises help gather vital security data analytics, which can guide security organizations to better decisions around prioritization and to directing more resources to the areas with the most risk.

To detail this point further, the top reported outcome of adversarial emulation exercises (63 percent for those who red/blue team and 53 percent for purple teams) was improved security performance. Let’s talk some more about improved security performance…

Purple Teams Have Better Security Performance, Are Better at Defending Their Organizations

While claiming that purple teaming is effective is one thing, having research back it up is another thing entirely.

One of the clearest statistics from the survey was that of those surveyed who had conducted purple teaming exercises (26 percent), 89 percent deemed purple teaming activities “very important” to their security operations.

So what does this mean? While purple team exercise adoption may not be where it should be (100 percent), those who have gone purple or at the least conducted some form of adversarial emulation (45 percent) are reaping the benefits. Another interesting statistic pulled from the survey was that 88 percent of purple teaming users — compared to only 52 percent of red/blue team users — say their exercises are “very effective” in defending their organization against ransomware and advanced attacks.

The takeaway? Those who have gone purple believe it’s extremely valuable to their security operations and are reporting a stronger security posture than those who haven’t.

Hint: PlexTrac is The Purple Teaming Platform. Give us a peek to reap the benefits.

Collaboration Is the Key to Effective Purple Teaming

Eighty-eight percent of purple teamers believe their exercises are more effective than red/blue only adopters. This means that the key to an efficient security program isn’t just being more proactive as a team and conducting regular purple teaming exercises, but rather, embracing a full purple teaming paradigm.

Reducing the number of security attacks (and breaches) ranked as the number one priority for members of red and blue teams. While this goal is all well and good, preventing security attacks is nearly impossible if you can’t see adversaries coming or know where to look when you’re alerted to their presence.

With a collaborative environment, you foster a culture of security awareness so your team always knows its most vulnerable areas. This is the best way to ensure that when a breach inevitably occurs, all team members are prepared to remediate the issue and mitigate the damage.

Key Takeaways for the Reader

Here are some of the most important takeaways from our research with CyberRisk Alliance:

  • Red and blue teams are experiencing many pains solved by purple teaming, including siloed data, inability to get data resources, limited resources, and a process that takes too long. The remedy? Purple teaming. 
  • Those who have gone purple believe it’s extremely valuable to their security operations and are reporting a stronger security posture than those who haven’t.
  • Collaboration is the key driver to effective purple teaming. Without collaboration and cooperation, your organization isn’t working efficiently enough to prevent and mitigate inevitable cyber attacks.

Looking for a platform that was built to conduct purple teaming exercises, cultivate collaboration between your red and blue teams, and give your team a complete view of its security posture? PlexTrac is the solution for you. See the platform in action by booking a demo TODAY.
