# Failure Tracing [[Failure Tracing]] is an [[Incident Containment]] capability. Failure tracing occurs after an incident, when the organization has time to trace its steps towards the root cause of the incident. ## Map ``` mermaid <!-- element style="width:90%; height:auto" --> graph TD Top[[Cybersecurity]] --- E[[Incident Containment]] E --- E.1[[Alert Correlation]] E --- E.2[[Case Management]] E --- E.3[[Incident Management]] E --- E.4[[Forensic Analysis]] E --- E.5[[Asset Restoration]] E --- E.6[[Abuse Reporting]] E --- E.7[[Failure Tracing]] %% Class Definitions %% ===================== class Top,A,A.1,A.2,A.3,A.4,A.5,A.6,B,B.1,B.2,B.3,B.4,B.5,C,C.1,C.2,C.3,C.4,D,D.1,D.2,D.3,D.4,D.5,E,E.1,E.2,E.3,E.4,E.5,E.6,E.7 internal-link,font-color:white; class Top cssClassL0; classDef cssClassL0 fill:black,stroke:black,stroke-width:4px,font-size:15px,font-color:white; class A,B,C,D,E cssClassL1; classDef cssClassL1 fill:darkblue,stroke:darkblue,stroke-width:4px,font-size:15px,font-color:white; class A.1,A.2,A.3,A.4,A.5,A.6,B.1,B.2,B.3,B.4,B.5,C.1,C.2,C.3,C.4,D.1,D.2,D.3,D.4,D.5,E.1,E.2,E.3,E.4,E.5,E.6,E.7 cssClassL2; classDef cssClassL2 fill:blue,stroke:blue,stroke-width:4px,font-size:15px,font-color:white; class E.7 cssClassCurrent; classDef cssClassCurrent fill:#2f9503,stroke:#2f9503,stroke-width:4px,font-size:15px,font-color:white; ``` ## Definition >[!success] Definition  >**Failure Tracing** provides a method for identifying, documenting, and analyzing failures of digital assets to determine their root causes and improve system reliability. ## Goals > [!cm-goal] Goal 1  > **Analyze Failures** - Perform detailed analysis to understand the root causes of failures and prevent future occurrences. > [!cm-goal] Goal 2  > **Mitigate Risks** - Implement measures to mitigate the impact of failures and improve system reliability. > [!cm-goal] Goal 3  > **Analyze Trends** - Use collected data to analyze trends in failures and improve overall system performance. ## Scope Failure tracing is applied to all digital systems and services within an organization’s automated environment. ## Process ## Metrics > [!cm-metric] Metric: [[% of Incident Failures Captured in the Risk Matrix]] > [!cm-metric] Metric: [[% of Analyzed Failures Leading to Mitigation]] ## Inspiration & Resources + https://ieeexplore.ieee.org/document/5232690 + https://asq.org/quality-resources/fmea + https://prime.mindtools.com/pages/article/newTMC_80.htm + https://jqualityinnovation.springeropen.com/articles/10.1186/s40887-018-0025-1 + https://spectrum.ieee.org/lessons-from-a-decade-of-it-failures + https://www.zdnet.com/article/google-proper-patching-would-have-prevented-25-of-all-zero-days-found-in-2020/ + https://www.ihi.org/sites/default/files/QIToolkit_FailureModesandEffectsAnalysis.pdf + https://www.c-risk.com/blog/hazop-methodology ## [Cyber City Map](https://cybercitymap.com/) © 2023-2024 by [ThirdScore, Inc.](https://thirdscore.com/) All Rights Reserved.