Cyber is often referred to as the fifth warfighting domain—along with land, sea, air, and space. Defense leaders recognize that their mission readiness is significantly impacted by cyber threats that are growing in scale, speed, and sophistication.
A key foundation of today’s military readiness is cyber risk management, and numerous initiatives are under way within the Department of Defense (DoD) with a collective focus on reducing the network intrusion attack surface.
Data from these initiatives are collected in various DoD repositories that automatically analyze software inventory and asset compliance data. The data collected, however, is typically isolated from the mission’s context, obscuring its real impact on operations.
“Traditional approaches to cybersecurity focus on security controls, perimeter protections, and assessing and managing risk,” says Booz Allen’s Rafiq Jamaldinian, a cyber readiness expert. “While such approaches are necessary, they are not well understood within the context of the mission.”
The result is that while leaders are asking for metrics to inform them of how cyber risk management initiatives are impacting the ability to carry out missions, gaining command-level visibility remains a challenge.