By Paul Roege
In his book, Red Team: How to Succeed By Thinking Like the Enemy, Micah Zenko sheds light on practices of critical review that the intelligence and military planning communities started using during the Cold War to avoid strategic mistakes. Based upon five years of in-depth investigation as a fellow at the Council on Foreign Relations, the author reports how red teamers have exposed critical security vulnerabilities and intelligence weaknesses by taking a deliberately contrarian posture as they question assumptions, logic, and conclusions – trying at least to create a reasonable doubt about consensus conclusions.
As an historical foundation, Zenko credits Pope Gregory IX with early application of red teaming principles when he appointed a “Devil’s Advocate” in AD 1234 to argue alternative explanations for apparent miracles. In the process, the Pope dramatically reduced the rate of canonization but increased prevailing respect for sainthood. Based upon extensive research and definitive interviews, the author describes modern application of the same “red teaming” approaches, primarily within the US military and the Central Intelligence Agency. The latter, especially, has avoided some serious and errors by cultivating small communities of independent thinkers explicitly chartered to challenge “group think.” Eventually, the US Army’s established a Red Teaming program within its University of Foreign Military and Cultural Studies (UFMCS), which Zenko describes as the best source for principles and methods.
Interesting case studies expose behind-the-scenes stories that highlight the “what and why” of red teaming, exposing a mixed bag of results. For example, US officials made no real attempt to red team intelligence before launching the 1998 US cruise missile strike on the Al-Shifa pharmaceutical factory in Sudan. In contrast, US political leaders sought out opposing views of the uncertain evidence before taking a calculated risk to attack Osama Bin Laden’s compound in Pakistan in 2011. In that instance, the strike team itself benefited from red teaming at the tactical level, as they anticipated and practiced the contingency of a crashed aircraft – avoiding a situation that could have been as disastrous as the 1980 Iran hostage rescue.
Another application of red teaming involves injection of an adversary into operational analyses or an actual probe to penetrate existing security systems. The Federal Aviation Administration used red teaming in post 9/11 analyses to help prevent terrorist attacks on civilian airliners using man-launched missiles. Similarly, the New York City police department has improved its terrorism response capabilities through vigorous use of red teaming in operational planning exercises. Not all exercises turn out so well: Zenko criticizes the Transportation Security Agency for ignoring successful “penetration tests” of airport security, pointing out that red teaming only works if leaders want to hear the results..
The author supplements case studies with authoritative interviews and other research to distill principles and recommendations, perhaps the most salient being organizational resistance. Leaders tend to trust their own judgment and, as the scale of the enterprise increases, they grow all the more confident that their subordinates should be able to identify and correct vulnerabilities. Organizations naturally reject input from outsiders or low-ranking members, which teaches people not to “upset the apple cart” if they want to be promoted.
Zenko deserves credit for thorough research and objectivity, and for crafting the book in a style that conveys the flexible nature of the topic. The vignettes highlight techniques, considerations and pitfalls, which the author ultimately summarizes with best practices and specific recommendations for government action. This is not an instruction manual for prospective red teamers, but it does identify important considerations on selection, conduct and disposition of red teaming activities – beginning with a strong admonition not to employ red teaming unless leaders are committed to hear and respond to the results.
For those who welcome critical feedback, the book offers helpful advice about when and how to use red teaming – and what to watch out for when selecting a consultant. The topic might be particularly useful for those engaged in the emerging field of resilience, which focuses heavily upon change and unknowns.