Modeling Cyber Threat Impact on Operational Capability in military network systems
By: Fiodor TIMERCAN

References
- Bodeau, D., Graubart, R., & Heinbockel, W. (2013). Mapping the cyber terrain. MITRE Corporation. Available at: https://www.mitre.org/sites/default/files/publications/mapping-cyber-terrain-13-4175.pdf.
- Cisco Systems. (2023). 2023 Annual cybersecurity report. Available at: https://www.cisco.com/c/dam/en_us/about/annual-report/cisco-annual-report-2023.pdf.
- ENISA. (2017). Baseline Security Recommendations for IoT. Available at: https://www.enisa.europa.eu/publications/baseline-security-recommendations-for-iot.
- ENISA. (2019). Cybersecurity culture guidelines: Behavioural aspects of cybersecurity. Available at: https://www.enisa.europa.eu/publications/cybersecurity-culture-guidelines-behavioural-aspects-of-cybersecurity.
- ENISA. (2021). Cybersecurity Threat Landscape methodologies. Available at: https://www.enisa.europa.eu/publications/enisa-threat-landscape-2021.
- ENISA. (2022). Risk management. Available at: https://www.enisa.europa.eu/topics/risk-management.
- Ertan, A., Floyd, K., Pernik, P., & Stevens., E. (2020). Cyber Threats and NATO 2030: Horizon Scanning and Analysis. NATO Cooperative Cyber Defence Centre of Excellence/CCDCOE. Available at: https://ccdcoe.org/uploads/2020/12/Cyber-Threats-and-NATO-2030_Horizon-Scanning-and-Analysis.pdf.
- Hutchins, E.M., Cloppert, M.J., & Amin, R.M. (2011). Intelligence-driven computer network defense informed by analysis of adversary campaigns and intrusion kill chains. Lockheed Martin.
- International Organization for Standardization/ISO. (2018). ISO 31000: Risk management Guidelines. Available at: https://www.iso.org/standard/65694.html.
- International Organization for Standardization/ISO. (2022). ISO/IEC 27005: Information security, cybersecurity and privacy protection – Guidance on managing information security risks. Available at: https://www.iso.org/standard/80585.html.
- International Organization for Standardization/ISO. (2022). ISO/IEC 27001: Information security, cybersecurity and privacy protection – Information security management systems – Requirements. Available at: https://www.iso.org/standard/27001.
- Kott, A. (2013). Towards Fundamental Science of Cyber Securit. Springer New York.
- Kott, A., Wang, C., & Erbacher, R.F. (2014). Cyber defense and situational awareness. Springer International Publishing.
- Kott, A., & Linkov, I. (2019). Cyber resilience of systems and networks. Springer.
- Linkov, I., Eisenberg, D.A., & Plourde, K. (2013). Resilience metrics for cyber systems. Environment Systems and Decisions, 33(4), 471-476. DOI:10.1007/s10669-013-9485-y.
- Linkov, I., & Trump, B.D. (2019). The science and practice of resilience. Springer International Publishing.
- Min, M., & Yun, T. (2025). MITRE ATT&CK-Driven Threat Analysis for Edge-IoT Environment and a Quantitative Risk Scoring Model. Henderson Vol. 145, Iss. 2, DOI:10.32604/cmes.2025.072357.
- MITRE Corporation. (2024). ATT&CK framework. Available at: https://attack.mitre.org/.
- Moulin, J. (2025). Cybersecurity Essentials: How Threats, Vulnerabilities, and Exposures Impact Risk. Substack – Natsar Cybersecurity Insights. Available at: https://natsar.substack.com/p/how-threats-vulnerabilities-exposures-impact-risk.
- National Institute of Standards and Technology/NIST. (2012). Guide for conducting risk assessments (SP 800-30). Available at: https://csrc.nist.gov/pubs/sp/800/30/r1/final.
- National Institute of Standards and Technology/NIST. (2020). Security and privacy controls for information systems and organizations (SP 800-53 Rev. 5). Available at: https://csrc.nist.gov/pubs/sp/800/53/r5/upd1/final.
- National Institute of Standards and Technology/NIST. (2023). Cybersecurity framework (CSF). Available at: https://www.nist.gov/cyberframework.
- National Institute of Standards and Technology/NIST. (2024). The NIST Cybersecurity Framework (CSF) 2.0. Available at: https://nvlpubs.nist.gov/nistpubs/CSWP/NIST.CSWP.29.pdf.
- Noel, S., & Jajodia, S. (2005). Understanding complex network attack graphs through clustered adjacency matrices. In Proceedings of the 21st Annual Computer Security Applications Conference. Available at: https://www.acsac.org/2005/papers/87.pdf.
- North Atlantic Treaty Organization/NATO. (2024). Cyber Defence. Available at: https://www.nato.int/en/what-we-do/deterrence-and-defence/cyber-defence.
- United States Department of Defense. (2023). DoD Cybersecurity reference architecture (CS RA) (Version 5.0). Available at: https://dodcio.defense.gov/Portals/0/Documents/Library/CS-Ref-Architecture.pdf.
- Wikimedia Commons. (2024). Template: Other versions/Advanced persistent threat lifecycle. Available at: https://commons.wikimedia.org/wiki/Template:Other_versions/Advanced_persistent_threat_lifecycle.
Language: English
Page range: 11 - 22
Submitted on: Apr 5, 2026
Accepted on: May 20, 2026
Published on: Jun 24, 2026
Published by: Nicolae Balcescu Land Forces Academy
In partnership with: Paradigm Publishing Services
Publication frequency: 2 issues per year
Keywords:
Related subjects:
© 2026 Fiodor TIMERCAN, published by Nicolae Balcescu Land Forces Academy
This work is licensed under the Creative Commons Attribution-NonCommercial-NoDerivatives 3.0 License.