Ensuring U.S. Air Force Operations During Cyber Attacks Against Combat Support Systems: Guidance for Where to Focus Mitigation Efforts

Abstract : While combat support communities are not responsible for defending cyber networks, they are required to ensure mission execution, including when under cyber attack. Assessing mission assurance for combat support when under a cyber attack is challenging. The fact that many combat support systems do not reside on the most secure networks indicates potential vulnerabilities to cyber attack. Yet the sheer number of information systems that can be attacked, the range of vulnerabilities that these might have, the large number of combat support functions they support, and the complicated connections all of these have to operational missions makes assessments difficult. Add to this the evolving nature of the threats and vulnerabilities in cyberspace, and the task of finding adequate mitigation plans for all possibilities is formidable. What is needed is a way to pare down the problem that highlights the combat support functions and information systems of highest concern in order to focus resources on developing adequate mitigation plans for these. This report presents a sequential process for identifying those functions and information systems most likely to be problematic for the operational mission during cyber attacks. The method is implemented in a Microsoft Excel-hosted decision support tool that does not require any special expertise in the cyber domain.