Activity-in-Diagram: Update Cyber Threat Assessment and Kill Chain Analysis

Creator

Description

The ACD assessment team reviews the cybersecurity threat assessment and attack surface analysis using the cyber kill chain to identify updates to current threat tactic and targeting. Government testers should be integrated with contractor testers to facilitate sharing sanitized or relevant threat information to support contractor ACD events. The cybersecurity threat assessment informs the ACD assessment team about how to emulate the expected cybersecurity threat during testing. The cyber kill chain analysis and threat assessment contribute to development of threat vignettes, possible response scenarios, and mitigations used in test planning.
As part of this phase, the CDT and ACD assessment team may obtain updated VOLT reports that include system-specific CTMs from the DITL, and Service-specific intelligence reports to validate developed threat vignettes.

Owning Diagram A4: Phase 4: Test & Evaluate Adversarial Impact on Critical Functions

Decomposition

A41: Update Cyber Threat Assessment and Kill Chain Analysis

Input

cybersecurity threats

attack surface analysis report

cybersecurity evaluation

Output

MBCRA updates

updated tactics and targetting

threat vignette

Control

key cyber terrain

Cheif Developmental Tester

Mechanism

Lead DT&E Organization

Cybersecurity DT&E Technical Experts