Operational Planning#

Cybersecurity missions and operations can be complex and require careful planning. There are many factors to consider when planning a cybersecurity mission or operation, including the goals of the mission or operation, the resources available, the potential risks and vulnerabilities, and the possible impacts of the mission or operation. Careful planning is essential to ensure that a cybersecurity mission or operation is successful.

This section of the library is dedicated to the art and science of planning and executing cybersecurity operations. We will follow the phases outlined in NATO’s CIMIC Handbook and apply them to cyber operations:

Operations planning process (OPP) phases at operational/component level


We want to improve the effectiveness of small cyber units (less than ten individuals) by imparting straightforward concepts, ideas, and practices in this section. The information presented here should be useful for teams like penetration testing teams, red teams, cyber protection teams, and blue teams.

Phase 4: CONOPS Development#

The term “concept of operations” (CONOP) refers to the basic plan for employment of forces during an operation. The purpose of a CONOP is to provide a common frame of reference for all forces involved in an operation. It is a statement of the commander’s intent and describes, in broad terms, how the force will conduct the operation.

Phase 5: Execution#

This is the phase where the cyber team executes the mission.