Guerillia Warfare for the Blue Team

Rob Carson

Rob Carson

Speaker Bio

Rob Carson, CISSP, CISA delivers Simplified and Tailored Security Compliance


Blue teamers in the trenches need to stop living groundhog’s day. Time to punch Bill Murray in the face and change the game in our favor. The game has changed but the basics are the same.

Coined in the 90’s by General Krulak, the three-block war is described as full-scale military action, peacekeeping operations (PKO) and humanitarian aid within the space of three contiguous city blocks.

How does this compare to starting your morning activating your incidence response (IR) plan due to a suspected credential breach, Change management meetings (Compliance), and handing out hugs while CXO’s change their passwords for the first time.

1. No one is shooting at you.
2. Not much else

Just as methods of warfare have changed, so too has the way we must run security programs. What does takes to prepare and execute your own 3 block Blue team war?