Tiger team

From Wikipedia, the free encyclopedia

A tiger team is a specialized group tasked with testing the effectiveness of an organization's ability to protect assets by attempting to circumvent, defeat or otherwise thwart that organization's internal and external security.

The term originated with the military to describe a team whose purpose is to penetrate the security of "friendly" installations, and thus test their security measures. The members are professionals who leave evidence of their success, e.g. cardboard signs saying "bomb" in critical defense installations, hand-lettered notes saying "Your codebooks have been stolen" (they usually have not been) inside safes, etc. Sometimes, after a successful penetration, a high-ranking security person will show up later for a "security review," and "find" the evidence. Serious successes of tiger teams sometimes lead to early retirement for base commanders and security officers.

The term was later used in engineering and manufacturing, referring to a team set up solely in response to a specific situation or problem, without considering wider or longer-term issues. The team typically operates (at least partially) outside the normal chain of command, and reports directly to a higher company officer. Particularly in aerospace engineering, tiger teams would often attack thorny technical problems that appeared late in the design phase. For example, tiger teams are often appointed to explore weight reduction measures when aircraft or spacecraft under development are too heavy, yet no easy weight reduction measures are obvious. The term can also be used operationally, as when a tiger team led by Gene Kranz was appointed to coordinate the safe return of Apollo 13 after the explosion which damaged it.

Afterward, the term became popular in the computer industry, where the security of computer systems is often tested by tiger teams; one of the earliest examples was with the Multics operating system. A subset of tiger teams are professional hackers, testing the security of military computer installations by attempting remote attacks via networks or supposedly "secure" communication channels.

In the computer security field, the term is now obsolete, and more common terms are penetration testers or security testers. Security assessment testing of a computer system or network infrastructure is called penetration testing.

Outside the computer security field, the term is still used to refer to any official inspection team or special "firefighting" group called in to look at a problem.


This article was originally based on material from the Free On-line Dictionary of Computing, which is licensed under the GFDL.
