The idea of employing a “red team” to test the effectiveness of an entity’s cybersecurity posture has been around for several decades in some form. However, with the emergence and widespread adoption of generative AI, red teaming seems to have evolved into a discipline unto itself. All of this raises important questions: Has red teaming now effectively transformed into a legal mandate and, if so, what standards should be used to judge its efficacy? How much exposure to liability can red teaming reduce? Could it potentially decrease the cost of cyber insurance? In this presentation, a panel of cybersecurity and AI attorneys will discuss the emergence of red teaming as a legal mandate for cybersecurity programs and describe its potential for mitigating legal liability.