Cyberspace Effects
CE-WRL-002

Cyber Operations Planning

Responsible for developing cybersecurity operations plans; participating in targeting selection, validation, and synchronization; and enabling integration during the execution of cyber actions.

  • T0630: Incorporate intelligence equities into the overall design of cyber operations plans
  • T0704: Incorporate cyber operations and communications security support plans into organization objectives
  • T0718: Identify intelligence gaps and shortfalls
  • T0734: Issue requests for information
  • T0741: Maintain situational awareness of cyber-related intelligence requirements and associated tasking
  • T0742: Maintain situational awareness of partner capabilities and activities
  • T1020: Determine the operational and safety impacts of cybersecurity lapses
  • T1023: Identify critical technology procurement requirements
  • T1033: Support cyber operations
  • T1036: Integrate leadership priorities
  • T1037: Develop operations strategies
  • T1038: Integrate organization objectives in intelligence collection
  • T1043: Determine staffing needs
  • T1044: Review course of action analysis results
  • T1045: Review exercise analysis results
  • T1046: Assess operation performance
  • T1047: Assess operation impact
  • T1048: Synchronize operational assessment procedures and critical information requirement processes
  • T1054: Scope analysis reports to various audiences that accounts for data sharing classification restrictions
  • T1055: Determine if priority information requirements are satisfied
  • T1456: Determine the impact of threats on cybersecurity
  • T1457: Implement threat countermeasures
  • T1639: Assess target vulnerabilities and operational capabilities
  • T1644: Develop cyber operations indicators
  • T1650: Develop cybersecurity success metrics
  • T1678: Develop cyber operations crisis action plans
  • T1679: Develop organizational decision support tools
  • T1688: Identify strategies to counter potential target actions
  • T1699: Develop crisis plans
  • T1700: Maintain crisis plans
  • T1701: Integrate cyber operations guidance into broader planning activities
  • T1704: Develop intelligence operations plans
  • T1710: Develop policies for providing and obtaining cyber operations support from external partners
  • T1712: Recommend potential courses of action
  • T1717: Recommend changes to planning policies and procedures
  • T1718: Implement changes to planning policies and procedures
  • T1722: Prepare cyber operation strategy and planning documents
  • T1728: Implement collection operation plans
  • T1729: Synchronize intelligence planning activities with operational planning timelines
  • T1735: Facilitate interactions between internal and external partner decision makers to synchronize and integrate courses of action
  • T1752: Develop courses of action based on threat factors
  • T1755: Integrate cyber planning and targeting efforts
  • T1756: Interpret environment preparation assessments
  • T1761: Determine if changes to the operating environment require review of the plan
  • T1764: Assess effectiveness of integrated cyber operations
  • T1779: Coordinate strategic planning efforts with internal and external partners
  • T1794: Develop cyber operations strategies
  • T1797: Advise stakeholders on administrative and logistical elements of operational support plans
  • T1800: Recommend changes to operational plans
  • T1810: Approve operational requirements for research, development, and acquisition of cyber capabilities
  • T1811: Prioritize operational requirements for research, development, and acquisition of cyber capabilities
  • T1812: Submit operational requirements for research, development, and acquisition of cyber capabilities
  • T1822: Submit requests for deconfliction of cyber operations
  • T1823: Respond to requests for deconfliction of cyber operations
  • T1835: Determine if intelligence requirements and collection plans are accurate and up-to-date
  • T1836: Document lessons learned during events and exercises