
Discover how elite organizations expose their own vulnerabilities before enemies do. Zenko's "Red Team" reveals the six principles behind military and corporate adversarial thinking that's revolutionized cybersecurity. What blind spots are costing you right now that a "fearless skeptic" could identify?
Micah Zenko, author of Red Team: How to Succeed By Thinking Like the Enemy, is a national security expert and senior fellow at Chatham House, renowned for his work on strategic decision-making and conflict prevention. A PhD graduate from Brandeis University, Zenko’s career spans roles at Harvard’s Belfer Center, the U.S. State Department, and the Council on Foreign Relations, where his research focused on military operations and risk assessment.
His groundbreaking book, blending business strategy and security studies, draws on over 250 interviews with leaders in intelligence, counterterrorism, and corporate sectors to reveal how adversarial thinking can transform organizational planning.
Zenko’s earlier works include Between Threats and War: U.S. Discrete Military Operations in the Post-Cold War World, analyzing military strategy, and Clear and Present Safety, co-authored with Michael A. Cohen, which challenges misconceptions about global security. As Director of Research and Learning at the McChrystal Group, he advises organizations on red teaming methodologies to anticipate vulnerabilities. A frequent contributor to The Atlantic, Foreign Policy, and The Guardian, Zenko’s insights are cited by policymakers and Fortune 500 executives alike. Red Team is widely utilized by military planners and corporate leaders, cementing Zenko’s reputation as the foremost authority on challenging institutional assumptions.
Red Team explores the practice of red teaming—adopting adversaries’ perspectives to identify organizational vulnerabilities. Micah Zenko traces its origins in military strategy, CIA counterterrorism efforts, and business applications, using case studies like the hunt for Osama bin Laden. The book provides frameworks to challenge assumptions, avoid groupthink, and enhance decision-making through structured skepticism and alternative analysis.
Security professionals, corporate strategists, and policymakers will find Red Team invaluable. It’s particularly relevant for leaders in cybersecurity, risk management, and military planning, as well as executives seeking to anticipate competitor moves. Zenko’s blend of historical examples and practical advice caters to anyone responsible for high-stakes decision-making.
Yes—Red Team is praised for its rigorous research and actionable insights into mitigating blind spots. While critics note ambiguities about whether red teaming is an innate skill or teachable practice, the book remains essential for understanding adversarial thinking. Its real-world applications in security and business make it a standout resource.
Micah Zenko is a political scientist, Senior Fellow at Chatham House, and former Council on Foreign Relations expert. With a PhD from Brandeis University, he’s authored books on military operations and national security. His work combines academic analysis with insights from 250+ interviews with red team practitioners.
Red teaming is a disciplined process of simulating adversarial perspectives to stress-test strategies. Zenko frames it as a tool to combat groupthink, challenge assumptions, and uncover hidden risks. Originating in military war games, it’s now applied to cybersecurity, corporate strategy, and counterterrorism.
Key examples include:
Traditional analysis optimizes existing plans, while red teaming seeks to dismantle them. Zenko emphasizes role-playing, war gaming, and alternative hypotheses to expose flaws. Unlike consensus-driven methods, red teams operate independently to prioritize critical inquiry over confirmation bias.
Businesses use red teams to:
Critics argue red teaming risks fostering excessive skepticism or bureaucratic resistance. Zenko highlights tensions between formal training and the “maverick” mindset required. Some practitioners question whether the skill is innate versus teachable, creating implementation challenges in hierarchical organizations.
Unlike broad strategy guides, Red Team focuses on adversarial analysis with military-grade rigor. It complements Sun Tzu’s The Art of War by providing modern methodologies and contrasts with behavioral economics books by linking cognitive biases to actionable organizational reforms.
Yes—Zenko analyzes the U.S. Army’s use of red teams to revise Iraq War strategies and improve intelligence during the bin Laden manhunt. These case studies demonstrate how red teaming reshaped tactical planning and mitigated flawed assumptions.
Feel the book through the author's voice
Turn knowledge into engaging, example-rich insights
Capture key ideas in a flash for fast learning
Enjoy the book in a fun and engaging way
What happened on 9/11 was a system designed for failure.
You cannot grade your own homework.
Incompetence breeds overconfidence.
Your ability to mind read is more praiseworthy than your ability to think critically.
Unless the commanders themselves want it...it won't matter.
Break down key ideas from Red Team into bite-sized takeaways to understand how innovative teams create, collaborate, and grow.
Experience Red Team through vivid storytelling that turns innovation lessons into moments you'll remember and apply.
Ask anything, choose your learning style, and co-create insights that truly resonate with you.

From Columbia University alumni built in San Francisco
"Instead of endless scrolling, I just hit play on BeFreed. It saves me so much time."
"I never knew where to start with nonfiction—BeFreed’s book lists turned into podcasts gave me a clear path."
"Perfect balance between learning and entertainment. Finished ‘Thinking, Fast and Slow’ on my commute this week."
"Crazy how much I learned while walking the dog. BeFreed = small habits → big gains."
"Reading used to feel like a chore. Now it’s just part of my lifestyle."
"Feels effortless compared to reading. I’ve finished 6 books this month already."
"BeFreed turned my guilty doomscrolling into something that feels productive and inspiring."
"BeFreed turned my commute into learning time. 20-min podcasts are perfect for finishing books I never had time for."
"BeFreed replaced my podcast queue. Imagine Spotify for books — that’s it. 🙌"
"It is great for me to learn something from the book without reading it."
"The themed book list podcasts help me connect ideas across authors—like a guided audio journey."
"Makes me feel smarter every time before going to work"
From Columbia University alumni built in San Francisco

Get the Red Team summary as a free PDF or EPUB. Print it or read offline anytime.
A small team within the Federal Aviation Administration spent years before 9/11 doing something extraordinary: they smuggled fake bombs past security screeners, slipped into restricted areas, and boarded aircraft undetected. They documented every vulnerability, filed every report, and sounded every alarm. No one listened. When the 9/11 Commission later investigated, they delivered a devastating verdict: this wasn't a system failure-it was a system designed for failure. The information existed. The warnings were clear. But institutional blindness proved fatal. This pattern isn't unique to aviation security. In 2014, General Motors recalled millions of vehicles with faulty ignition switches linked to at least 119 deaths. Employees had flagged the issue years earlier, but GM's culture encouraged watered-down language that obscured safety concerns. The problem wasn't missing information-it was an organization incapable of hearing bad news. Whether preventing terrorist attacks or avoiding market failures, institutions consistently fail to identify their own weaknesses. Red teaming offers a structured way to challenge plans, systems, and assumptions by adopting an adversarial perspective. Through stories of over 200 practitioners-from CIA directors to ethical hackers-we discover how organizations can overcome blind spots before disaster strikes.
Organizations cannot objectively evaluate their own failures. The CIA's post-9/11 detention program was evaluated by the same personnel who designed it, perpetuating years of ineffective, ethically questionable practices despite requests for independent analysis. Cognitive biases prevent leaders from identifying critical shortcomings. Mirror imaging makes us assume others think like we do. Confirmation bias favors information supporting existing beliefs. The Dunning-Kruger effect compounds this - the least competent are worst at judging their own performance, creating a feedback loop where incompetence breeds overconfidence. Organizational culture deepens these biases. Employees get "captured" by their environment, unconsciously adopting their bosses' preferences. Military officers score significantly lower than the general population on openness to new ideas, showing how certain cultures actively discourage divergent thinking. Despite claiming to welcome dissent, leaders rarely hear it. One Marine officer noted: "Your ability to mind read is more praiseworthy than your ability to think critically." GM employees used euphemisms like "does not perform to design" instead of "dies," contributing to preventable deaths. Red teaming addresses these blind spots through simulations and alternative analyses - helping institutions identify vulnerabilities objectively.
Red team success depends entirely on genuine leadership support. Retired Marine Lieutenant General Paul Van Riper states: "Unless the commanders themselves want it, support it, resource it, institutionalize it, and respond to it, it won't matter." Effective buy-in requires leaders to recognize specific vulnerabilities red teaming can address. This often follows catastrophic failure-the FAA created its red team after the 1988 Pan Am Flight 103 bombing. Forward-thinking leaders act proactively: Microsoft regularly employs red teams to probe software releases before launch. Support must cascade throughout the organization. When imposed from above without context, junior leaders "sleepwalk" through the process, treating it as box-checking. Leaders must demonstrate commitment through tangible resources-dedicated personnel, adequate funding, protected time-while avoiding the pitfall of treating red teams as "dumping grounds" for underperformers. Leaders must create environments where red teamers can speak truthfully without fear of retribution. The pre-9/11 FAA red team exemplifies this failure. Despite exposing serious vulnerabilities, leadership systematically undermined them-tipping off airports about inspections, instructing members to omit findings. When frustrated members went public in 2001, they faced retaliation-a tragic leadership failure with catastrophic consequences.
Red teams must balance semi-independence with organizational sensitivity. As former CIA deputy director Jami Miscik warned, they "cannot be a separate back-office group that studies their navels, and isn't engaged with the rest of the building." Three factors guide successful positioning: structure, scope, and sensitivity. Structurally, red teams should be semi-independent, reporting directly to senior leadership. Proper scoping prevents mission drift through clear targets, timelines, and objectives. Red teams should calibrate intensity gradually so lessons can be implemented. They must operate with sensitivity-understanding institutional concerns, regulatory constraints, and available resources. As Charles Henderson of Trustwave Holdings notes: "Our job isn't to break into a computer network or building, it's to improve the security of the client." The CIA Red Cell exemplifies this approach. Created after 9/11 to challenge conventional intelligence thinking, it became a sought-after posting. CIA director Michael Hayden found their work "a little too much like science fiction at times" but read everything they produced because he "wanted to have my mind stirred."
Successful red teams require members who think differently-often self-described "oddballs" inherently skeptical of authority. As Lieutenant Colonel Daniel Geisenhof put it: "In many ways, we are in the land of misfit toys." While most people believe they think outside the box, few actually do. Humans exhibit "existence bias"-assuming current conditions must be correct. Effective red teamers escape these constraints through distinct personality traits, proper training, or semi-independence. Three variables correlate with good red teaming. First, personality: successful red teamers are quick-thinking, adaptive, self-motivated, and fearless in pursuing truth. Former CIA analyst Rodney Faraon notes they're "like method actors" who internalize adversaries' motives. They must balance skepticism with finesse-as Marissa Michel explains: "You can have great ideas, but if you are crotchety nobody will pay attention to you." Second, they often aren't career "climbers"-they prioritize truth over advancement. Military "terminal colonels" no longer seeking promotion make excellent red teamers because they'll speak honestly. Third, experience matters: the best are widely read, have held multiple positions, and communicate through compelling storytelling. Red teaming skills can be taught through metacognition training. However, most serve temporarily to avoid institutional capture. The ultimate goal is to "infect" the organization with red teaming approaches, creating mini-red teamers throughout.
Red team findings must be implemented, not shelved. Organizations often game engagements by denying information access, boosting security during tests, or taking systems offline. One white-hat hacker identified the same network vulnerability at a Fortune 100 firm for over a decade-repeatedly ignored. This resistance explains why the FAA's pre-9/11 red team saw no action despite documenting serious failures, and why the Marine Corps red team in Afghanistan was "almost entirely marginalized"-called "kids at the card table at Christmas." When a Marine colonel presented critical findings to General Stanley McChrystal, he was rebuffed: "It sounds like you're telling me how to run my war." Institutions need absorptive capacity-funding, personnel changes, or procedural adjustments-to implement findings. McKinsey warned of ObamaCare rollout glitches six months before launch, but their findings were disregarded, resulting in political disaster. Frequency matters. Too much red teaming prevents implementing previous recommendations. Optimal frequency depends on environmental dynamics: multinational companies might need external analyses every five years, while cyber-threatened companies might need quarterly tests.
Red teaming has become both oversold and under-appreciated, with security firms rebranding standard penetration testing to command higher fees. Yet properly executed red teaming inevitably produces two valuable outcomes. First, it delivers novel insights that couldn't emerge organically within institutions-the structural elements that make organizations function smoothly (hierarchy, formal rules, unit cohesion) are precisely what inhibit creative thinking. Second, even when red teaming fails to impact an organization, it reveals something about that institution's thought processes and values. Failures typically stem from leaders believing they would already know about problems or their employees would tell them-both dangerously flawed assumptions. Red teams should challenge conventional wisdom, identify blind spots, reveal vulnerabilities, and consider worst-case scenarios-but never make final decisions. Red teaming isn't a cure-all but rather a conceptual approach with specific tactics for particular challenges. Retired Lieutenant Colonel William "Razz" Rasgorshek uses a combat pilot analogy: Just as night vision goggles create blind spots that pilots compensate for by scanning side-to-side, "there are certainly blind spots in our brains." The solution is educating people how blind spots develop, showing they exist, and teaching them to control the interference. In a world where institutional blindness costs lives, fortunes, and futures, the ability to see our own vulnerabilities before adversaries exploit them isn't just valuable-it's essential. The question isn't whether your organization has blind spots. It's whether you're willing to illuminate them before disaster does it for you.