Design Considerations for a Cyber Incident Mission Impact Assessment (CIMIA) Process

Abstract

Virtually all modern organizations have embedded information systems and networking technologies into their core business processes as a means to increase operational efficiency, improve decision making quality, reduce delays, and/or maximize profit. Unfortunately, this dependence can place the organization's mission at risk when the loss or degradation of the confidentiality, integrity, availability, non-repudiation, or authenticity of a critical information resource or flow occurs. In this paper, we motivate design considerations for an information asset-based, Cyber Incident Mission Impact Assessment (CIMIA) process whose goal is to provide decision makers with timely notification and relevant impact assessment, in terms of mission objectives, from the time an information incident is declared, until the incident is fully remediated.

Open PDF

Document Details

Document Type
Technical Report
Publication Date
Jul 13, 2009
Accession Number
ADA504934

Entities

People

  • Janet L. Sutton
  • Larry W. Fortson
  • Michael R. Grimaila

Organizations

  • Air Force Institute of Technology

Tags

Communities of Interest

  • Cyber
  • Materials and Manufacturing Processes

DTIC Thesaurus Topics

  • Air Force
  • Air Force Research Laboratories
  • Best Practices
  • Business Administration
  • Computer Network Security
  • Information Operations
  • Information Systems
  • Knowledge Management
  • Logistics
  • Military Organizations
  • Organizational Structure
  • Risk
  • Risk Analysis
  • Risk Management
  • Security
  • Situational Awareness
  • Vulnerability

Fields of Study

  • Computer science

Readers

  • Cybersecurity.
  • Operations Research
  • Systems Analysis and Design

Technology Areas

  • Cyber