I was recently reading Admiral William McRaven's book, "Sea Stories: My Life in Special Operations" and in the book it referenced a paper he published titled, "The Theory of Special Operations". After locating and reading the paper, my mind made an immediate relation to cybersecurity. There's an obvious difference between physically conducting an exercise in a foreign country vs. using the Internet to gain access to sensitive data but it makes sense to me on the "Why" a competent red team can be so successful against the blue team.
Here are few key points from the paper and the link will be below that. Let me know your thoughts on the matter related to effective defensive practices to quickly counter relative superiority or if you don't think it relates at all and it's all in my head!
Relative superiority – A condition that exists when a smaller force gains a decisive advantage over a larger or well defended enemy.
Principles
- Simple plan (limit the number of objectives, have good intel, and use innovation)
- Carefully concealed (Prevent foreknowledge of an impending attack, aka keep it secret)
- Realistically rehearsed (Hones individual/group skills and unmasks weaknesses in the plan)
- Executed with surprise, speed, and purpose (Needed to accomplish the goal before relative superiority is lost)
The principles of special operations work because they seek to reduce warfare to its simplest level, and thereby limit the negative effects of chance and uncertainty.
The three phases of an operation with the principles included:
- Planning: Simplicity
- Preparation: Carefully concealed, Constant realistic rehearsal
- Execution: Surprise, Speed, Sense of Purpose
The Theory of Special Operations