TY - GEN
T1 - Mission impact of cyber events
T2 - 5th European Conference on Information Management and Evaluation, ECIME 2011
AU - D'Amico, Anita
AU - Buchanan, Laurin
AU - Goodall, John
AU - Walczak, Paul
PY - 2011
Y1 - 2011
N2 - Awareness of the dependencies between cyber assets, missions and users is critical to assessing the mission impact of cyber attacks and maintaining continuity of business operations. However, there is no systematic method for defining the complex mapping between cyber assets (hardware, software, data), missions and users. This paper reports the results of an interdisciplinary workshop on how to map relationships between cyber assets and the users, missions, business processes and other entities that depend on those assets. The workshop yielded information about types of impact assessment beyond mission and financial analyses; scenarios illustrating the complex relationships between assets, mission and users; and models for expressing those relationships. The results will be used to develop a system that will automatically populate an ontology from commonly available network data and allow computer network defense, information technology and disaster recovery practitioners to query the system for information about the impact of the loss or degradation a cyber asset. Two workshops were held: the first focused primarily on mapping relationships between cyber assets, missions and users in commercial operations, and the second workshop focused on military operations. The participants included people whose operational responsibility is to assure the availability of cyber assets for critical missions, and technology providers and researchers in areas related to the mapping of cyber assets to missions. They represented the armed services, intelligence community, small and large businesses, county government, universities, research companies and large systems integrators. The workshop goals addressed in this paper are: 1) define the types of impacts one needs to assess when a cyber asset is attacked or fails; 2) analyze scenarios that illustrate impacts of a failed cyber asset on missions and users; and 3) model relationships between cyber assets, missions and users.
AB - Awareness of the dependencies between cyber assets, missions and users is critical to assessing the mission impact of cyber attacks and maintaining continuity of business operations. However, there is no systematic method for defining the complex mapping between cyber assets (hardware, software, data), missions and users. This paper reports the results of an interdisciplinary workshop on how to map relationships between cyber assets and the users, missions, business processes and other entities that depend on those assets. The workshop yielded information about types of impact assessment beyond mission and financial analyses; scenarios illustrating the complex relationships between assets, mission and users; and models for expressing those relationships. The results will be used to develop a system that will automatically populate an ontology from commonly available network data and allow computer network defense, information technology and disaster recovery practitioners to query the system for information about the impact of the loss or degradation a cyber asset. Two workshops were held: the first focused primarily on mapping relationships between cyber assets, missions and users in commercial operations, and the second workshop focused on military operations. The participants included people whose operational responsibility is to assure the availability of cyber assets for critical missions, and technology providers and researchers in areas related to the mapping of cyber assets to missions. They represented the armed services, intelligence community, small and large businesses, county government, universities, research companies and large systems integrators. The workshop goals addressed in this paper are: 1) define the types of impacts one needs to assess when a cyber asset is attacked or fails; 2) analyze scenarios that illustrate impacts of a failed cyber asset on missions and users; and 3) model relationships between cyber assets, missions and users.
KW - Business continuity
KW - Cyber war
KW - Information security
KW - Mission assurance
KW - Mission impact
KW - Ontology
UR - http://www.scopus.com/inward/record.url?scp=84893082137&partnerID=8YFLogxK
M3 - Conference contribution
AN - SCOPUS:84893082137
SN - 9781629934310
T3 - 5th European Conference on Information Management and Evaluation, ECIME 2011
SP - 388
EP - 397
BT - 5th European Conference on Information Management and Evaluation, ECIME 2011
PB - Academic Conferences Ltd
Y2 - 8 September 2011 through 9 September 2011
ER -