Cyber Wargaming: Framework for Enhancing Cyber Wargaming with Realistic Business Context

Abstract

This report describes a framework for cyber wargaming that balances the strong cyber defense technology focus of detailed hands-on cyber red-teaming exercises with the strong business and operational impact focus typical of high-level tabletop exercises focused on cyber. While the framework was developed with a focus on securing systems in the financial services sector (FSS) and is described in terms of that domain, it is expected to be applicable more broadly, to other critical infrastructure protection sectors, as well as other types of enterprises entirely. The report begins by providing a summary of existing cyber wargaming practices and applicable technologies before describing an alternative composite framework to serve as a basis for enhanced wargaming applicable to individual institutions or multi-institution sector operations. A key finding is that existing frameworks are sufficient to leverage in a composite cyber wargaming scenario model to produce improved realism. Consideration is given to how technologies can be used to enhance simulation and orchestration within cyber wargaming exercises, as well as measuring outcomes of such events. The report also discusses approaches for planning, preparing, and conducting cyber wargames using the integrated scenario framework. These approaches could be used to extend and enhance existing wargaming practices an organization may already have implemented. The initial framework presented in the report is general and intended to be tailored to ensure that wargaming exercises accurately reflect the effectiveness of an institution's risk management and technology environment in reducing the impact and risk from cyber adversaries.

Document Details

Document Type
Technical Report
Publication Date
Aug 29, 2018
Accession Number
AD1108071

Entities

People

  • Catherine D. Mccollum
  • Darrell J. Mak
  • David B. Fox
  • Eric I. Arnoth

Organizations

  • Homeland Security Systems Engineering and Development Institute
  • MITRE Corporation

Tags

Communities of Interest

  • Cyber

DTIC Thesaurus Topics

  • Computer Crime
  • Computer Network Security
  • Computer Networks
  • Computer Programming
  • Computers
  • Cyber Defense Techniques
  • Cyber Protection
  • Cyberattacks
  • Cybersecurity
  • Cyberspace Operations
  • Denial Of Service Attack
  • Department Of Homeland Security
  • Electronic Mail
  • Graphical User Interface
  • Information Security
  • Information Systems
  • Intrusion Detection
  • Lessons Learned
  • Network Protocols
  • Operating Systems
  • Personnel Management
  • Systems Engineering
  • Test And Evaluation

Fields of Study

  • Computer science

Readers

  • Irregular Warfare and Special Operations Cyberspace Operations against Adversarial Threats.
  • Joint Military Operations and Doctrine.
  • Systems Analysis and Design

Technology Areas

  • Cyber