Mission impact of cyber events: Scenarios and ontology to express the relationships between cyber assets, missions and users

Anita D'Amico, Laurin Buchanan, John Goodall, Paul Walczak

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

2 Scopus citations

Abstract

Awareness of the dependencies between cyber assets, missions and users is critical to assessing the mission impact of cyber attacks and maintaining continuity of business operations. However, there is no systematic method for defining the complex mapping between cyber assets (hardware, software, data), missions and users. This paper reports the results of an interdisciplinary workshop on how to map relationships between cyber assets and the users, missions, business processes and other entities that depend on those assets. The workshop yielded information about types of impact assessment beyond mission and financial analyses; scenarios illustrating the complex relationships between assets, mission and users; and models for expressing those relationships. The results will be used to develop a system that will automatically populate an ontology from commonly available network data and allow computer network defense, information technology and disaster recovery practitioners to query the system for information about the impact of the loss or degradation a cyber asset. Two workshops were held: the first focused primarily on mapping relationships between cyber assets, missions and users in commercial operations, and the second workshop focused on military operations. The participants included people whose operational responsibility is to assure the availability of cyber assets for critical missions, and technology providers and researchers in areas related to the mapping of cyber assets to missions. They represented the armed services, intelligence community, small and large businesses, county government, universities, research companies and large systems integrators. The workshop goals addressed in this paper are: 1) define the types of impacts one needs to assess when a cyber asset is attacked or fails; 2) analyze scenarios that illustrate impacts of a failed cyber asset on missions and users; and 3) model relationships between cyber assets, missions and users.

Original languageEnglish
Title of host publication5th European Conference on Information Management and Evaluation, ECIME 2011
PublisherAcademic Conferences Ltd
Pages388-397
Number of pages10
ISBN (Print)9781629934310
StatePublished - 2011
Externally publishedYes
Event5th European Conference on Information Management and Evaluation, ECIME 2011 - Como, Italy
Duration: Sep 8 2011Sep 9 2011

Publication series

Name5th European Conference on Information Management and Evaluation, ECIME 2011

Conference

Conference5th European Conference on Information Management and Evaluation, ECIME 2011
Country/TerritoryItaly
CityComo
Period09/8/1109/9/11

Keywords

  • Business continuity
  • Cyber war
  • Information security
  • Mission assurance
  • Mission impact
  • Ontology

Fingerprint

Dive into the research topics of 'Mission impact of cyber events: Scenarios and ontology to express the relationships between cyber assets, missions and users'. Together they form a unique fingerprint.

Cite this