6 research outputs found
A NIS Directive compliant Cybersecurity Maturity Model
The EU NIS Directive introduces obligations related to the security of the network and information systems for Operators
of Essential Services and for Digital Service Providers. Moreover, National Competent Authorities for cybersecurity
are required to assess compliance with these obligations. This paper describes a novel Cybersecurity Maturity Assessment
Framework (CMAF) that is tailored to the NIS Directive requirements. CMAF can be used either as a self-assessment
tool from Operators of Essential Services and Digital Service Providers or as an audit tool from the National Competent
Authorities for cybersecurity
PHOENI2X -- A European Cyber Resilience Framework With Artificial-Intelligence-Assisted Orchestration, Automation and Response Capabilities for Business Continuity and Recovery, Incident Response, and Information Exchange
As digital technologies become more pervasive in society and the economy,
cybersecurity incidents become more frequent and impactful. According to the
NIS and NIS2 Directives, EU Member States and their Operators of Essential
Services must establish a minimum baseline set of cybersecurity capabilities
and engage in cross-border coordination and cooperation. However, this is only
a small step towards European cyber resilience. In this landscape,
preparedness, shared situational awareness, and coordinated incident response
are essential for effective cyber crisis management and resilience. Motivated
by the above, this paper presents PHOENI2X, an EU-funded project aiming to
design, develop, and deliver a Cyber Resilience Framework providing
Artificial-Intelligence-assisted orchestration, automation and response
capabilities for business continuity and recovery, incident response, and
information exchange, tailored to the needs of Operators of Essential Services
and the EU Member State authorities entrusted with cybersecurity
When there is a crisis, there is an opportunity?:SMEs' capabilities for durability and opportunity confidence
Understanding Cybersecurity Education Gaps in Europe
International audienceDemand for cybersecurity professionals from industry and institutions is high, driven by an increasing digitisation of society and the growing range of potential targets for cyber attacks. However, despite this pressing need a significant shortfall in the number of cybersecurity experts remains and a discrepancy has emerged between the skills introduced through education andthose required in professional settings. In this paper, a PESTLE analysis was utilised to explore the factors impacting cybersecurity education in Europe. The PESTLE analysis enabled the categorisation of factors affecting cybersecurty education and skills and allowed for cybersecurity professionals to assess the relevance of the factors at a national-level and European-level. Utilising the concept of modularity from social network analysis,the inter-connectivity of factors was also considered. Finally, a European-level stakeholder survey was conducted to verify the findings. As a result of the above process, a lack of societalawareness of cybersecurity was identified as a major challenge to education, along with a lack of EU-level certification. It should be noted that significant differences between factors perceived as impacting cybersecurity education were found between countries suggesting a need for local solutions to the problem