Skip to Main Content
Although the importance of securing Information and Communication Technology (ICT) resources is widely recognized, very little work has been reported on measuring the impact of breaches of security on processes that use these resources. More specifically, the research question explored in this paper is measuring the impact on activities of a mission given the risk to ICT resources employed in the mission. Using BPMN as a process modeling notation and in the context of and through a military convoy movement example, we present formulas to compute this impact. In addition to its novelty, the contribution of this work includes its generalizability to all security issues and not necessarily limited to cyber security.