Building a purple team programme¶

Building a purple team programme is a change management problem before it is a staffing or tooling problem. The organisation currently has offensive and defensive work happening in separate loops, if it has them at all. Bringing those loops into contact, with shared context and real-time communication, requires changes to how both sides work, how findings are communicated, and how the organisation responds to what the exercises reveal.

The PSL framing is directly applicable. The rational layer covers what the programme needs structurally: who is on which side, how exercises are scoped, how findings are recorded and acted on. The emotional layer covers something that is rarely discussed openly: how does it feel to have your detections tested, or to find that months of defensive work did not catch a simulated attack? The answer to that question determines whether the programme produces learning or defensiveness. The political layer covers who has the authority to require the changes that the programme finds are necessary. A programme whose findings consistently go unactioned is a programme whose political layer has not been addressed.