Why You Should be Using Red Teams to Enhance Hospital Security

Red Teams can evaluate campus protection measures and challenge your assumptions about how secure your hospital is against the threats posed by criminals, terrorists and others.
Published: September 30, 2018

An officer on routine patrol spots a suspicious individual taking photos of the exterior of a building on the hospital campus. Before the officer can approach the individual, he departs the property. Later in the day, the same suspicious person is spotted by employees inside the secured power plant on campus. They immediately contact security and he is stopped and questioned.

What sounds like potential terrorist activity is actually a “Red Team” surveillance and penetration exercise. The suspicious individual in this case is a carefully selected Red Team member who was given instructions from hospital security executives to gather information about vulnerable locations on the hospital campus and attempt to infiltrate secured critical areas. Upon being stopped by security, he produces his official identification and successfully answers a challenge phrase to confirm his identity.

In a debriefing after the exercise, the Red Team member displays photos he took of critical infrastructure of the hospital and tells security leadership how he piggybacked into the power plant behind an employee. The information gleaned from the exercise is later used to enhance security of the power plant and other areas at the hospital.

What Is a Red Team?
The term “Red Team” and the concept of the Red Team exercise is nothing new or revolutionary. The U.S. military has been using Red Teams (also referred to as the Opposition Force or OPFOR) to simulate the enemy during field exercises for quite some time. Also, information systems’ security professionals use red teams, or ethical hackers, to test security defenses regularly. In short, a Red Team is comprised of two or more people who are playing the role of the enemy. In the case of hospital security, the “enemy” could be a criminal intent on stealing or destroying assets within your facility, a terrorist planning an active shooter attack or any other scenario you develop.

——Article Continues Below——

Get the latest industry news and research delivered directly to your inbox.

4 Reasons Why You Should Be Using Them
Red Teams are helpful in evaluating your hospital security and challenging your assumptions about how secure your hospital is against the threats posed by criminals, terrorists and others. Here are just some of the ways that Red Teams are useful:

  • 1. Red Teams identify issues that a security risk assessment might miss. When you conduct a security risk assessment of a building on your hospital campus, you’re typically doing it with notice to the key people in that building and involving them in the process. Also, you’re probably someone the building occupants recognize, so you’re unlikely to be challenged by people because they don’t consider you to be suspicious. A Red Team member, on the other hand, is someone unknown to the occupants and is not conducting a formal, announced risk assessment. They are charged with challenging security in a realistic manner by attempting to use a variety of means to infiltrate secured areas and to conduct surveillance.
  • 2. Red Teams can help uncover targets for terrorism. A fresh look at your hospital from the standpoint of a Red Team member acting as a terrorist may uncover previously unknown vulnerabilities. When you charge the Red Team with evaluating targets for terrorist acts against infrastructure and people, they switch their mindset to that of a terrorist. They look for opportunities to disrupt your hospital and/or inflict mass casualties. While it may sound disturbing, it might not be something you have done during a risk assessment or even considered previously.
  • 3. Red Teams keep your security department on its toes. By involving security in a Red Team exercise, you can test your security team’s ability to spot suspicious activity related to criminal and/or terrorist activity.
  • 4. Red Teams build expertise within your security team. By giving your security staff assignment to the Red Team, you are providing them with a unique opportunity to view security from a different perspective.

How To Form a Red Team
A Red Team can be formed using internal or external resources, but it should always be comprised of security professionals. Using the internal resources approach, the Red Team members are sourced from existing hospital security staff.  Ideally, these team members should be security staff from other campuses (if you are a multi-site hospital system) who are unknown to staff at the target hospital site. They should be experienced security personnel, but anyone from officers through supervisory staff may be used. An internal team helps to control costs associated with hiring contract staff and also helps to ensure the control of vulnerability information that may be identified during Red Team exercises.

However, externally sourced Red Teams can also be effective. An external Red Team can be hired through a contracted professional security service. The selection of a professional, experienced, discreet security provider is paramount to the success of an external Red Team.

As long as the Red Team is comprised of experienced security professionals, there is little formal training required to field a Red Team. The most important training that these team members need to receive is related to the operating guidelines and restrictions associated with the Red Team exercise as described below.

Strategy & Planning Series
Strategy & Planning Series
Strategy & Planning Series
Strategy & Planning Series
Strategy & Planning Series