Assessing the Maturity of National Cybersecurity and Resilience
by
George Sharkov

Abstract:

This article provides an overview of maturity levels and assessment methodologies for the evaluation of cybersecurity and resilience in relation to their applicability and usefulness at sectoral and national levels. Reference maturity models and assessment frameworks, such as CERT Resilience Management Model, Cybersecurity Capacity Maturity Model for Nations, C2M2 (Cybersecurity Capability Maturity Model), are compared and analyzed for their applicability in designing and implementing national cybersecurity strategies and programs to achieve cyber resilience. Cyber readiness indexes are also outlined in view of their use to indicate possible improvements. The author explores the development of national cybersecurity strategies with a focus on cyber maturity and provides examples. A maturity-based approach for the Bulgarian cyber resilience roadmap is also described within the context of the evolving cyber-empowered hybrid threats and the need for an institutionalized collaborative public-private resilience.

Previous Issue

The Fall 2020 issue of Connections: The Quarterly Journal presents a variety of security-related applications of the concept of resilience. Two articles address the relation to cybersecurity – one presenting a framework for assessing national cyber resilience, and the other the need to enhance the resilience of the armed forces to cyberat... Read More