Why are purple security tests key to your cyber strategy?

ISJ hears exclusively from Anu Kukar, Cyber Partner, Deloitte.

Purple security tests are on the rise due to increased complexity, speed and volume of cyber-threats and attacks, requiring organisations to accelerate their resilience strategy.

Through collaboration between red (offensive) and blue (defensive) teams, these tests combine the capabilities of both teams and enhance organisational detection and responsiveness during a cyber-attack.

The unified approach helps identify areas of vulnerability and focus to strengthen the organisation’s security posture, through practicing and learning from how quickly and effectively the organisation can detect, respond and recover from cyber-attacks.

With current geopolitical tensions and the use of AI for cyber-attacks added to the mix, embracing this trend is vital for staying ahead in the evolving threat landscape.

This article explores five key reasons driving the surge in purple security tests within cyber strategies.

Purple tests increase security awareness and culture

Purple tests provide a powerful mindset shift through a hands-on immersive experience for the team conducting it and those in the core team observing.

Traditional security awareness training and regular reminders are often not effective on their own.

Personally, my experience and what I’ve seen of my global peers is that our learning impact increases when we’re practically involved.

Your personal involvement, along with your team, is what helps you remember and resonate with the experience, which in turn paves the way to champion those security initiatives.

As employees become more informed about potential threats and see first-hand how security teams detect and respond, they will be inclined to drive this message forward, thereby engaging in security practices that protect the organisation as a whole.

Purple tests break down silos

Purple tests at their core bring together two distinct teams within security, red and blue, which have completely different purposes and objectives. Bringing them together to practice as one team fosters collaboration and unifies the team toward their common mission to protect the organisation.

Bringing in members from other departments to observe or contribute further draws cross-functional teams into a common mission, breaking down organisational silos.

Consider how this establishes cohesion and open communication – two vital assets that ensure timely response and recovery from a cyber-incident.

Purple tests enable innovation

A collaborative approach during times of difficulty, such as a crisis, often unites our teams towards a common goal.

A combination of people with varied backgrounds, experiences and ideas serves as a powerful force in overcoming organisational adversity.

This, in turn, increases the chances of coming up with out-of-the-box solutions to protect and make the organisation resilient.

Purple tests increase empathy

Purple tests increase empathy through building appreciation and respect for our security teams.

Understanding what other teams deal with, often as a result of their business decisions both inside and outside the security team, fosters this mutual respect and bonding.

This is heightened when collaborating, as outlined in the breaking of silos.

This mutual respect not only creates a better work environment but also helps during crises, as the appreciation brings about the cohesion needed to respond together to cyber-attacks effectively.

Purple tests build a growth mindset

A growth mindset has been identified as one of the key future skills.

Many organisations and leaders promote and encourage building a lifelong learning mindset, to help the workforce stay relevant and future fit.

Purple tests, through continuous learning and practicing on new threats, provide an excellent way to build this growth mindset.

Threats continue to evolve, which forms a basis for prompting continual learning and adaptation in the organisation’s workforce.

How to get started with purple security tests

Given the criticality and benefits of purple security tests, getting started and set up right within your organisation is key. Here are three pragmatic steps to get started:

  1. Agree clear objectives and metrics – start within the security function by agreeing what the objectives are and the associated metrics to measure progress over time. Two common starting points for detection and response are reducing response times to incidents and improving vulnerability detection rates. Then ensure that these objectives and metrics are socialised across the executive team for buy-in, support and awareness, with progress results communicated through cyber-reporting in the organisational governance forums.
  2. Establish a continuous testing framework – establish a standalone framework, or integrate into an existing one, that outlines these key elements: why you are establishing continuous testing in the organisation; what the objectives and metrics will be; what kind of testing will take place and when; how these tests will be undertaken and their frequency; which kind of tools and technologies are to be used; what the guardrails are and how these will be monitored for undertaking such tests safely; how the test results will be reported and governed.
  3. Create a cross-functional security team – form a cross-functional security team that undertakes these purple tests as a core team. The team should comprise red and blue teaming, security GRC, risk and compliance, IT, operations, legal, HR and the crisis management lead as a minimum. This team will help bring diverse thinking and will champion this important work back in their respective divisions, to prepare the organisation before, during and after a cyber-attack.

About the Author

Anu Kukar, Cyber Partner, Deloitte

Anu Kukar is an award-winning cybersecurity executive with 20+ years of experience in industry, consulting and technology across the EMEA, UK, Nordic, APAC and ANZ regions.

She brings a diverse and unique perspective to business executives around enhancing security posture and mindset whilst undertaking organisational technology transformations.

Anu is passionate about next-gen leadership, building a lifelong learning workforce and attracting diverse talent in cyber and technology.
