Building Secure, Resilient Architectures for Cyber Mission Assurance

Abstract

Todays information technology (IT) environments are increasingly subject to escalating cyber attacks. Cyber threats vary widely in sophistication, intent, and the consequences to the targeted systems and networks. The range of attackers extends from users who unintentionally damage systems to hackers, to cyber criminals, to fullscale cyber spies and cyber warriors; their intentions span from annoying vandalism to economic threats to taking out the electric grid or defeating armed forces. Similarly, the target of the attacks can vary from a single computer or router to an entire online banking system, business enterprise, or global supply chain. At the same time, our missions and businesses fall along a spectrum of criticalityfrom desirable to necessary, essential, and mission or safety critical. Given the broad spectrums of threat, intent, and consequence to missioncritical functions, determining exactly where our mission systems lie in this continuum of dimensions is vital to determine the appropriate level of investment and response. The notion that we can achieve 100 percent protection is not only unrealistic but also results in a false sense of security that puts our missions and businesses at serious risk. Consequently, we must compensate for our inability to achieve full protection by ensuring that we can accomplish our missions despite cyber attacks. The cyber defenses generally available today help address the lowend threats against our less essential systems, but are often ineffective against most forms of cyber attacks targeting our most missioncritical systems. It is at the high end of the continuum that architecture resilience will matter mostto enable continuity of mission critical operations and support rapid reconstitution of existing or minimal essential capabilities or the deployment of alternative means of accomplishing the mission.

Open PDF

Document Details

Document Type
Technical Report
Publication Date
Aug 11, 2010
Accession Number
AD1108588

Entities

People

  • Harriet G. Goldman

Organizations

  • MITRE Corporation

Tags

Communities of Interest

  • Space

DTIC Thesaurus Topics

  • Artificial Satellites
  • Availability
  • Bandwidth
  • Commerce
  • Computer Vision
  • Corporations
  • Cyber Defense Techniques
  • Cyber Threats
  • Cyberattacks
  • Cybersecurity
  • Cyberspace
  • Deception
  • Degradation
  • Deployment
  • Detection
  • Determinants (Mathematics)
  • Environment
  • Information Systems
  • Intrusion
  • Monitoring
  • Recovery
  • Redundancy
  • Reliability
  • Resilience
  • Standards
  • Supply Chain
  • Test And Evaluation
  • Training
  • Uncertainty

Fields of Study

  • Computer science

Readers

  • Cybersecurity.
  • Systems Analysis and Design

Technology Areas

  • Cyber