RC.PL-1 Scenario-based Cyber Wargaming
Description
Planning and preparation alone do not accomplish recovery. To achieve cyber recovery, an organisation must prepare, plan and execute. Scenario-based cyber wargaming is a type of threat modelling that is used to explore the specific concerns of the stakeholders [31], in this case, it is aimed to assess and model recovery gaps and concerns surrounding the various ways a system or service can be compromised, and with this understanding recovery measures are put in place, and further recovery gaps are understood.
Organisations should conduct scenario-based cyber wargaming in order to be appraised of their recovery strategy, approach and capabilities.
See RC.RT-2.
Outcomes / Outputs
(Conduct / Fix / Ingest / List / Plan / Procure / Produce / Report / Review / Set / Test / Train )
- Testing recovery strategy, approach and capabilities by conducting scenario-based cyber wargaming
Reference
- Deborah J. Bodeau, Catherine D. McCollum and David B. Fox (2018), “Cyber Threat Modeling: Survey, Assessment and Representative Framework”, April 7, 2018. Retrieved Dec. 2019. https://www.mitre.org/sites/default/files/publications/pr_18-1174-ngci-cyber-threat-modeling.pdf
© 2017 – 2020, C-MRIC.ORG, C-MRIC.COM and Cyber Recovery Operational Framework are registered trademarks of the C-MRIC organisation.