Chapter 3. Primary Colors: Foundational Cybersecurity Work Roles

This chapter looks at three of the four major groups in the world of cybersecurity as described in the preceding chapter. I discuss the builders, breakers, and defenders. The fourth group, the bakers, has its own chapter following the discussion of the primary and secondary color groups.

Red: Analyze and Attack

At the heart of cybersecurity lies the ability to dissect, understand, and respond to threats. Analogous to the color red, which symbolizes attention and alertness, the Analyze work roles in the NICE Framework focus on identifying vulnerabilities, analyzing attack vectors, and deciphering complex data. Security analysts and incident responders exemplify the vigilant nature of red by scrutinizing security incidents and rapidly responding to mitigate threats. Just as the color red captures immediate attention, Analyze roles highlight the critical importance of identifying and addressing vulnerabilities in real time.

Red work roles are at the core of cybersecurity operations. Individuals in these roles are fundamentally attackers, which is why I use the term breakers. They identify vulnerabilities by conducting attacks on the IT systems and applications that run their organization. Many consider them ethical hackers. They embody the approach of offensive security needed to dissect complex cyber threats by simulating those threats in safe environments. Red teamers demonstrate their role in understanding potential ...
