This paper provides detailed background on the Cyber Prep methodology to help understand its nuances and to situate it in the larger landscape of cyber strategic planning and risk management frameworks and methodologies.
Motivating Organizational Cyber Strategies in Terms of Preparedness
Download Resources
PDF Accessibility
One or more of the PDF files on this page fall under E202.2 Legacy Exceptions and may not be completely accessible. You may request an accessible version of a PDF using the form on the Contact Us page.
As cyber threats evolve, organizations increasingly need to define their strategies for cyber security, defense, and resilience. Cyber Prep is a threat-oriented approach that allows an organization to define and articulate its threat assumptions, and to develop organization-appropriate, tailored aspects of a preparedness strategy. Cyber Prep focuses on advanced threats, but also includes material related to conventional cyber threats. Cyber Prep can be used in standalone fashion, or it can be used to complement and extend the use of other, more detailed frameworks (e.g., the NIST Cybersecurity Framework) and threat models. This paper provides detailed background on the Cyber Prep methodology, to help systems engineers and other analysts who are applying that methodology to understand its nuances and to situate it in the larger landscape of cyber strategic planning and risk management frameworks and methodologies.