A NIS Directive compliant Cybersecurity Maturity Assessment Framework

被引：6

作者：

Drivas, George ^{[1
,2
]}

Chatzopoulou, Argyro ^{[3
]}

Maglaras, Leandros ^{[2
,4
]}

Lambrinoudakis, Costas ^{[1
]}

Cook, Allan ^{[4
]}

Janicke, Helge ^{[4
]}

机构：

[1] Univ Piraeus, Dept Digital Syst, Piraeus, Greece

[2] Natl Cyber Secur Author Greece, Piraeus, Greece

[3] APIROPLUS Solut, Limassol, Cyprus

[4] De Montfort Univ, Fac Comp Engn & Media, Leicester, Leics, England

来源：

2020 IEEE 44TH ANNUAL COMPUTERS, SOFTWARE, AND APPLICATIONS CONFERENCE (COMPSAC 2020) | 2020年

基金：

欧盟地平线“2020”;

关键词：

D O I：

10.1109/COMPSAC48688.2020.00-20

中图分类号：

TP39 [计算机的应用];

学科分类号：

081203 ; 0835 ;

摘要：

The EU NIS Directive introduces obligations related to the security of the network and information systems for Operators of Essential Services and for Digital Service Providers. Moreover, National Competent Authorities for cybersecurity are required to assess compliance with these obligations. This paper describes a novel Cybersecurity Maturity Assessment Framework (CMAF) that is tailored to the NIS Directive requirements. CMAF can be used either as a self-assessment tool from Operators of Essential Services and Digital Service Providers or as an audit tool from the National Competent Authorities for cybersecurity.

引用

页码：1641 / 1646

页数：6

共 50 条

[31] Understanding Cybersecurity Maturity in Practice
Valavanis, Stel
JOURNAL OF INFORMATION SYSTEMS, 2024, 38 (03) : 1 - 5
[32] The Trends in Cybersecurity Maturity Models
Buzdugan, Aurelian
Capatana, Gheorghe
EDUCATION, RESEARCH AND BUSINESS TECHNOLOGIES, 2023, 321 : 217 - 228
[33] PRISM: a strategic decision framework for cybersecurity risk assessment
Goel, Rajni
Kumar, Anupam
Haddow, James
INFORMATION AND COMPUTER SECURITY, 2020, 28 (04) : 591 - 625
[34] A framework for competence development and assessment in hybrid cybersecurity exercises
Brilingaite, Agne
Bukauskas, Linas
Juozapavicius, Ausrius
COMPUTERS & SECURITY, 2020, 88
[35] Multicriteria Decision Framework for Cybersecurity Risk Assessment and Management
Ganin, Alexander A.
Quach, Phuoc
Panwar, Mahesh
Collier, Zachary A.
Keisler, Jeffrey M.
Marchese, Dayton
Linkov, Igor
RISK ANALYSIS, 2020, 40 (01) : 183 - 199
[36] An Engineering Process Framework for Cybersecurity Incident Response Assessment
Freas, Robert L.
Adair, Heather F.
Hammad, Eman
2022 5TH IEEE CONFERENCE ON DEPENDABLE AND SECURE COMPUTING (IEEE DSC 2022), 2022,
[37] The NIS 2 Directive: securing critical assets
Kenny S.
Network Security, 2023, 2023 (11)
[38] Searching for the appropriate legal basis for personal data processing for cybersecurity purposes under the NIS 2 Directive: Legal obligation and/or legitimate interest?
Kun, Eyup
COMPUTER LAW & SECURITY REVIEW, 2025, 56
[39] Microservice Maturity of Organizations Towards an Assessment Framework
Gouigoux, Jean-Philippe
Tamzalit, Dalila
Noppen, Joost
RESEARCH CHALLENGES IN INFORMATION SCIENCE (RCIS 2021), 2021, 415 : 523 - 540
[40] A measurement framework for software product maturity assessment
Abdellatif, Ahmad
Alshayeb, Mohammad
Zahran, Sami
Niazi, Mahmood
JOURNAL OF SOFTWARE-EVOLUTION AND PROCESS, 2019, 31 (04)

← 1 2 3 4 5 →