AIMFIRST: Planning for Mission Assurance
Today network and system managers are not equipped to support mission assurance objectives. Often they are unaware of the mission impact of their actions, e.g. changing firewall or router rules or bringing a server down for maintenance, until someone associated with a mission complains of a negative impact. Worse yet, when the network configuration changes for any reason (a cyber or kinetic attack, an act of nature, etc.) the managers have no way to assess the mission impact of the change or to plan ways to work around the disruption.