Measuring Security Risk in Enterprise Networks

A Layered Graphical Model for Mission Impact Analysis

An organizational mission enabled by networked infrastructure can be impacted by cyber attacks. A mission is defined as a set of business processes that provide some service. For example, the mission of a travel management system is to provide a set of business processes to support airline and hotel reservations. Quantifying the impact of cyber attacks is important to mission planners. Mission impact evaluation approaches and tools provide a way to estimate the impact of cyber attacks on missions.

 

In an enterprise information environment, the system supports different business processes using the services provided by software and hardware assets. Attackers generally exploit vulnerabilities in assets; however, their ultimate objective is to impact the business processes that run on those assets. Each service can run on multiple assets, and one service can depend on another service. Therefore, evaluating the impact of a security event or a vulnerability on a set of services is a challenge. In this project, we have developed a graphical model to analyze the impact of attacks on business processes and services. We have also used a case study to show how the model computes the impact of attacks on business processes in a cloud environment.

Created November 30, 2016, Updated June 22, 2020