InfoSec Colour Team Structure – The White Team

The White Team are a high-level team with non-technical reasonabilities.  Generally, small in size, they are made from a mixture of senior technical members, management and business sponsors.  This White team primary reasonabilities are creating and communicating cybersecurity strategies, KPI and SLA’s, governance risk assessments, organising teams and planning cyber exercises.  It is vital that the White team remains neutral, as they can help resolve inter colour team disputes.

Be386b28 2a29 49ed 96c9 381426d6894f

The White Team can also be used during, a Blue vs Red cybersecurity exercise. They would be responsible for;

  • Overall planning and management of the exercise
  • Maximising the learning experience and post-exercise analysis
  • Provide the right level of authority to make critical decisions during the test, if required.
  • Throughout the process, if external test providers are used, the white team will maintain close communication with them.

93355412 3324 450c Aa64 55f761c6d16d

The White Team tend not to be technical in the same way as other coloured teams but are just as vitally important, they have a high-level view of the organisations Business and Information Technology systems. Some organisations will include outsourced cybersecurity consultancies to join their white team for third-party independent advice.

To read our other InfoSec articles please follow the link below.

Cyber Security Index

Contact us at SQA Consulting to find out how we can assist you in the development and build of your team’s skills, and in the testing of your cybersecurity capability. 

Get In Touch

Technology Consulting Partners