Content area
Full Text
Abstract: The tools typically used in the planning phase of cyber defence provide only limited guidance for operational decision making. To overcome these shortcomings, the authors propose a more comprehensive and deliberate process of intelligence planning: the Intelligence Preparation of the Cyber Environment (IPCE), an adaptation of Intelligence Preparation of the Battlefield. This paper highlights how concepts used in IPB correspond to concepts in cyber security-in particular, the authors describe how 'weather ' and 'terrain' map onto the concepts of 'user ', 'traffic ', and 'network environment '. Finally, the methodology is demonstrated with a case study to illustrate how systems have widely different 'environmental 'features.
Keywords: Cyber-Intelligence Support, Cyber-Operation Planning, Cyber Defence
Introduction
Warfare planning has steadily evolved, and the great conflicts of the 20th century have brought a high degree of maturity to the operational art for conventional conflict. However, because the introduction of IT technology has been fairly recent, the planning of cyber operations does not show the same maturity and often relies on planning processes more commonly used in the public sector, such as risk analysis. Under these circumstances, the question may be asked whether tools used in conventional planning could be adapted for the planning of cyber operations.
One of the tools which could benefit the cyber operation planning process is the Intelligence Preparation of the Operating Environment (IPOE). This tool enables military planners to build a better understanding of the environment and, based on that understanding, create a model of the adversary that can be used in the planning process. The products of IPOE can be used to validate the effectiveness of the proposed plan and can also be used to create contingencies for any dangerous adversary movements. In the cyber realm, where attacks and defences can occur at the speed of electrons, the ability to pre-plan and automate responses is highly desirable. This paper proposes the Intelligence Preparation of the Cyber Environment, or IPCE, an adaptation of the concept of the IPOE to cyber operations.
The paper is divided into five parts. The first part describes the IPOE process in more detail and explains how the IPOE process is linked to the planning process. The second part covers the adaptation of the concepts of IPOE to the...