Improving Cyber Security and Mission Assurance via Cyber Preparedness (Cyber Prep) Levels
Abstract
The MITRE-developed cyber preparedness (Cyber Prep) framework provides an approach for addressing the cyber threats that an organization or mission faces; determining the level of preparedness necessary to ensure mission success; facilitating strategic planning for cyber security by setting preparedness objectives; and assisting in the prioritization of cyber security investment planning and management decisions. The nature of cyber threats in general and advanced cyber threats in particular requires a longer-term commitment from senior leadership, including vision, strategy, and investment prioritization as well as the organizational agility to respond to ever-changing tactics and techniques. This paper provides recommendations on how to characterize an organizations cyber threat environment and identifies a number of defensive tools and techniques that will provide a solid start for improving security and resiliency against advanced cyber threats. With broad adoption, the five Cyber Prep levels are expected to provide a simple and common method for assessing the degree of cyber preparedness associated with an organization and/or its components
Document Details
- Document Type
- Technical Report
- Publication Date
- Jan 01, 2009
- Accession Number
- AD1108414
Entities
People
- Deb Bodeau
- Jennifer Fabious Greene
- Richard D. Graubart
Organizations
- MITRE Corporation