Improving Cyber Security and Mission Assurance Via Cyber Preparedness (Cyber Prep) Levels

Author

Bodeau, Deborah J. ; Graubart, Richard ; Fabius-Greene, Jennifer

Author_Institution

MITRE Corp. Bedford, Bedford, MA, USA

fYear

2010

fDate

20-22 Aug. 2010

Firstpage

1147

Lastpage

1152

Abstract

Increasing dependence on cyberspace makes preparedness against cyber threats integral to mission assurance. The nature of cyber threats in general - and advanced persistent threats in particular - requires a longer-term commitment from senior leadership, including vision, strategy, and investment prioritization as well as the organizational agility to respond to ever-changing tactics and techniques. The cyber preparedness (Cyber Prep) methodology enables an organization to (1) characterize the cyber threats that an organization or mission faces; (2) determine the level of preparedness necessary to ensure mission success; (3) facilitate strategic planning for cyber security by setting preparedness objectives; and (4) establish priorities for cyber security investment planning and management decisions. This paper presents the framework underlying the Cyber Prep methodology.

Keywords

security of data; cyber prep; cyber preparedness; cyber security investment management decisions; cyber security investment planning decisions; cyber threats; mission assurance; Information systems; Malware; Organizations; Resilience; Supply chains; abuse and crime involving computers; invasive software; risk management; security; unauthorized access;

fLanguage

English

Publisher

ieee

Conference_Titel

Social Computing (SocialCom), 2010 IEEE Second International Conference on

Conference_Location

Minneapolis, MN

Print_ISBN

978-1-4244-8439-3

Electronic_ISBN

978-0-7695-4211-9

Type

conf

DOI

10.1109/SocialCom.2010.170

Filename

5591907