The purpose of this research is to establish a conceptual methodological framework that will facilitate effective cyber damage and mission impact assessment and reporting following a cyber-based information incidents. Joint and service guidance requires mission impact reporting, but current efforts to implement such reporting have proven ineffective. This research seeks to understand the impediments existing in the current implementation and to propose an improved methodology. The research employed a hybrid historical analysis and case study methodology for data collection through extensive literature review, examination of existing case study research and interviews with Air Force members and civilian personnel employed as experts in cyber damage and mission impact assessment of Air Force networks. Nine respondents provided valuable first-hand information about the current implementation cyber damage and mission impact assessment. This research identified several critical impediments to current mission impact assessment efforts on Air Force networks. Based upon these findings, a proposal is made for a new operations-focused defensive cyber damage and mission impact methodology. The methodology will address the critical impediments identified and will result in profound benefits in other areas of cyber asset protection. Recommendations for conceptual implementation and operationalization are presented and related future research topics are discussed
