|
Improving Cyber Security and Mission Assurance via Cyber Preparedness (Cyber Prep) Levels
February 2010
Deb Bodeau, The MITRE Corporation
Richard Graubart, The MITRE Corporation
Jennifer Fabius Greene, The MITRE Corporation
ABSTRACT
The MITRE-developed cyber preparedness (Cyber Prep) framework provides an approach for:
- addressing the cyber threats that an organization or mission faces;
- determining the level of preparedness necessary to ensure mission success;
- facilitating strategic planning for cyber security by setting preparedness objectives;
- and assisting in the prioritization of cyber security investment planning and management decisions.
The nature of cyber threats in general—and advanced cyber threats in particular—requires a longer-term commitment from senior leadership, including vision, strategy, and investment prioritization as well as the organizational agility to respond to ever-changing tactics and techniques. This paper provides recommendations on how to characterize an organization's cyber threat environment and identifies a number of defensive tools and techniques that will provide a solid start for improving security and resiliency against advanced cyber threats. With broad adoption, the five Cyber Prep levels are expected to provide a simple and common method for assessing the degree of cyber preparedness associated with an organization and/or its components.
Additional Search Keywords
n/a
|
