Improving the Relevance of Cyber Incident Notification for Mission Assurance

Abstract

Military organizations have embedded Information and Communication Technology (ICT) into their core mission processes as a means to increase operational efficiency, improve decision making quality, and shorten the kill chain. This dependence can place the mission at risk when the loss, corruption, or degradation of the confidentiality, integrity, and/or availability of a critical information resource occurs. Since the accuracy, conciseness, and timeliness of the information used in decision making processes dramatically impacts the quality of command decisions, and hence, the operational mission outcome; the recognition, quantification, and documentation of critical mission-information resource dependencies is essential for the organization to gain a true appreciation of its operational risk. This research identifies existing decision support systems and evaluates their capabilities as a means for capturing, maintaining and communicating mission-to-information resource dependency information in a timely and relevant manner to assure mission operations. This thesis answers the following research question: Which decision support technology is the best candidate for use in a cyber incident notification system to overcome limitations identified in the existing United States Air Force cyber incident notification process