A NIS Directive compliant Cybersecurity Maturity Model

The EU NIS Directive introduces obligations related to the security of the network and information systems for Operators of Essential Services and for Digital Service Providers. Moreover, National Competent Authorities for cybersecurity are required to assess compliance with these obligations. This paper describes a novel Cybersecurity Maturity Assessment Framework (CMAF) that is tailored to the NIS Directive requirements. CMAF can be used either as a self-assessment tool from Operators of Essential Services and Digital Service Providers or as an audit tool from the National Competent Authorities for cybersecurity

PHOENI2X -- A European Cyber Resilience Framework With Artificial-Intelligence-Assisted Orchestration, Automation and Response Capabilities for Business Continuity and Recovery, Incident Response, and Information Exchange

As digital technologies become more pervasive in society and the economy, cybersecurity incidents become more frequent and impactful. According to the NIS and NIS2 Directives, EU Member States and their Operators of Essential Services must establish a minimum baseline set of cybersecurity capabilities and engage in cross-border coordination and cooperation. However, this is only a small step towards European cyber resilience. In this landscape, preparedness, shared situational awareness, and coordinated incident response are essential for effective cyber crisis management and resilience. Motivated by the above, this paper presents PHOENI2X, an EU-funded project aiming to design, develop, and deliver a Cyber Resilience Framework providing Artificial-Intelligence-assisted orchestration, automation and response capabilities for business continuity and recovery, incident response, and information exchange, tailored to the needs of Operators of Essential Services and the EU Member State authorities entrusted with cybersecurity

PESTLE Analysis of Cybersecurity Education

International audienc

Understanding Cybersecurity Education Gaps in Europe

International audienceDemand for cybersecurity professionals from industry and institutions is high, driven by an increasing digitisation of society and the growing range of potential targets for cyber attacks. However, despite this pressing need a significant shortfall in the number of cybersecurity experts remains and a discrepancy has emerged between the skills introduced through education andthose required in professional settings. In this paper, a PESTLE analysis was utilised to explore the factors impacting cybersecurity education in Europe. The PESTLE analysis enabled the categorisation of factors affecting cybersecurty education and skills and allowed for cybersecurity professionals to assess the relevance of the factors at a national-level and European-level. Utilising the concept of modularity from social network analysis,the inter-connectivity of factors was also considered. Finally, a European-level stakeholder survey was conducted to verify the findings. As a result of the above process, a lack of societalawareness of cybersecurity was identified as a major challenge to education, along with a lack of EU-level certification. It should be noted that significant differences between factors perceived as impacting cybersecurity education were found between countries suggesting a need for local solutions to the problem

Job Adverts Analyzer for Cybersecurity Skills Needs Evaluation

International audienc