Mapping the Cyber Terrain: Enabling Cyber Defensibility Claims and Hypotheses to Be Stated and Evaluated with Greater Rigor and UtilityFebruary 2014
Topics: Cybersecurity, Computer Security, Information Security Architecture, Information Security Risk Management
Evidence and analysis are needed to determine the effectiveness of cyber security, defensibility, and resiliency solutions. Claims or hypotheses about effectiveness generally are based on assumptions about the threat, and about the technical and operational settings in which solutions will be used. Evidence can be obtained in a variety of environments, ranging from conceptual models to systems supporting mission operations. This paper presents a framework for characterizing assumptions and evaluation environments – an approach to mapping the cyber terrain. The approach presented here can facilitate determination of whether a given hypothesis is meaningful to a specific real-world situation or can be evaluated in a given environment, whether different solutions can be evaluated in a common environment, and whether or how the results obtained in a given environment can be applied to real-world situations. Examples are provided of questions to ask, and sources of information to use, to characterize an environment, particularly with respect to the threat.