Cyber mission thread analysis : an implementation guide for process planning and execution / Lauren A. Mayer, Don Snyder [and 6 others].

Format:

Book

Author/Creator:

Mayer, Lauren A., author.

Snyder, Don, 1962- author.

Contributor:

United States. Department of the Air Force.

Project Air Force (U.S.). Resource Management Program.

Rand Corporation.

Language:

English

Subjects (All):

Cyberspace operations (Military science).

Cyberspace--Security measures--United States.

Cyberspace.

Cyberterrorism--United States--Prevention.

Cyberterrorism.

Information warfare--United States.

Information warfare.

United States. Air Force--Information technology.

United States.

United States. Air Force--Computer networks--Security measures.

United States. Air Force--Planning.

Other Title:

Cyber Mission Thread Analysis

Place of Publication:

RAND Corporation 2022

Summary:

Cyber mission thread analysis (CMTA), which identifies mission-critical systems in a cyber threat environment, requires a disciplined, well-planned process for its execution. This report provides a proposed planning and implementation guide (1) to perform CMTA expeditiously while still giving results good enough to make decisions about mission criticality, and (2) to analyze multiple missions concurrently. The authors offer guidance on the roles and responsibilities of organizations and personnel involved in CMTA; the process for implementing the analysis and the types of preparations necessary for successful implementation; a rough timeline required to perform CMTA for one or more missions concurrently; and the possible constraints and issues that may be encountered. The authors draw on lessons learned from a pilot CMTA application, analogous Air Force efforts, and relevant social science methods for conducting interviews and focus groups. They highlight a number of key considerations, including two that are most critical: (1) Develop and execute a detailed plan. The number of stakeholders involved and desire for a swift timeline require a substantial coordination effort; and (2) Remember that the ultimate CMTA goal is triage. It is vital that any mission-critical system appear highly ranked; it is okay if some non-critical systems appear highly ranked. This goal ensures discussions do not become unnecessarily detailed and results remain within scope. The analytical tasks to perform CMTA are covered in a separate, companion document - Cyber Mission Thread Analysis: A Prototype Framework for Assessing Impact to Missions from Cyber Attacks to Weapon Systems - that readers can consult.

Contents:

Chapter One: Overview of the CMTA Implementation Guide

Chapter Two: Phase One: Establishing CMTA Roles and Analysis Inputs

Chapter Three: Phase Two: Planning the Analysis Process

Chapter Four: Phase Three: Conducting the Analysis

Chapter Five: Adopting CMTA Process Efficiencies

Chapter Six: Final Thoughts and Next Steps

Appendix A: Further Considerations for Conducting SME Elicitations

Appendix B: CMTA Analyst Team Checklist.

Notes:

Description from electronic resource.