The proliferation of Information Technology (IT) into organisational systems has resulted in complex interdependencies between IT infrastructure and processes that support mission goals. A mission, whether understood in a military or business context, could be operational, tactical, or strategic in nature, further compounding the complexity of these relationships with varying system granularity and time sensitivity. Throw in interaction with dynamic environments and it becomes conceptually challenging to measure and convey possible mission resilience to cyber attack.
To make matters worse, traditional mission resilience modelling lacks tools for automated analysis and visual analytics. This makes it harder to generate consensus, communicate cyber risk to decision makers, and propose courses of action to help mitigate cyber effects and improve resilience.
Key mission resilience considerations may include;
- What are the downstream effects of a loss of availability on dependent services?
- How effective are backup systems in providing an acceptable level of redundancy during an outage?
- Will a long or ineffective recovery result in breach of Service Level Agreements (SLAs)?
These are questions that need capturing, answering and communicating through a robust methodology which traditional methods don’t provide. However, there is an opportunity to build models from real data obtained from networks and vulnerability databases to help simulate real cyber attacks to quantify mission impact. This is an ever-expanding area as the cybersecurity community continually learns from cyber attacks and standards evolve for describing vulnerabilities in greater detail.
How can we approach the problem?
How well mission functions absorb impacts from cyber attacks and recover to acceptable levels of performance informs us of mission resilience. However, without a model to describe the mission and how it is underpinned by cyber assets, it becomes difficult to understand how complex relationships can result in resilience as an emergent property. Riskaware’s CyberAware Resilience platform has the capability to build mission-dependency models that represent cyber terrain and missions in a single coherent view, bridging the gap between traditional organisational process modelling and cyber risk analysis.
The mission-dependency model is a consensus generating tool, allowing stakeholders from across an organisation to help define system scope, purpose, interdependent mission functions and relationships. These may be simple, or complex, with varying sensitivity between dependencies, feedback loops and system triggers. The model may also include impact risk scores on key cyber assets that have been previously captured from other risk assessments. Such a model can be appropriate at different granularities, facilitating both operational and strategic resilience modelling.
Key cyber assets – ingested automatically from network scans – can be linked to mission functions. By analysing device interrelationships using output from Vulnerability Analysis (VA) techniques, cyber attacks can be simulated based on specific attacker capabilities, goals and timeframes. The realisation of a cyber attack may then impact a mission function which may have specific recovery properties based on Confidentiality, Integrity or Availability (CIA) technical impacts. How this impact is realised over time, and any associated recovery metrics, can then simulate how resilient a mission is to that cyber attack when viewed holistically.
What are the benefits?
This method can be used to model mission resilience in varying contexts, from demonstrating worst-case scenarios of service outage caused by cyber attacks, to analysing the mission impact of compromised partner systems within military scenarios that force the use of secondary, less robust comms bearers.
Furthermore, using automated analysis to simulate cyber attacks can help save time and validate cyber risk assumptions. By automatically analysing software vulnerabilities on devices, underpinned by the knowledge of which assets are critical within the context of mission functions, it is possible to simulate mission resilience to cyber attack.
This intelligence can then be used to communicate cyber risk to decision makers and empower analysts to design targeted mitigation strategies, such as increasing system redundancy, service diversification, software patching or network reconfiguration, using subsequent cyber attack simulations to demonstrate effectiveness.
Find out more about the CyberAware platform here.