This chapter looks at the secondary color groups, which represent the interdisciplinary cybersecurity work roles you get when mixing two of the primary colors together. In this chapter, you learn new roles that are specific to the cybersecurity industry, such as purple teams; and you learn the value of adding security skills to the roles in the yellow/builder category.

Creating green and orange teams creates value for the individuals in those roles, as they achieve new capabilities and differentiate themselves from former peers who do not possess such skills. Green and orange teams also add significant value to the organization. As you will see in some of the case studies in Chapter 8, when nonsecurity work roles are exposed to and educated on security tasks, they start asking different questions considering the security implications of the activities they may have otherwise taken for granted or simply accepted without question.

Purple: The Evolution of Cyber Innovation

Purple is the most commonly known and referred to secondary color in cybersecurity. The objective is to combine the primary capabilities of offensive tactics (red) and defensive tactics (blue) into a blended powerhouse of knowledge and capability. The power of “purple teaming” is all about strengthening cyber defense through collaboration. The origins of this color slice can be found in the military arena of war gaming. My youth and appetite ...