01524nas a2200193 4500000000100000000000100001008004100002260001400043653003100057653002100088653003800109653002200147653002400169100001900193245006800212300000900280490000700289520103400296 2020 d cFall 202010acapability maturity models10acyber resilience10acybersecurity maturity assessment10ahybrid resilience10amaturity indicators1 aGeorge Sharkov00aAssessing the Maturity of National Cybersecurity and Resilience a5-240 v193 a
This article provides an overview of maturity levels and assessment methodologies for the evaluation of cybersecurity and resilience in relation to their applicability and usefulness at sectoral and national levels. Reference maturity models and assessment frameworks, such as CERT Resilience Management Model, Cybersecurity Capacity Maturity Model for Nations, C2M2 (Cybersecurity Capability Maturity Model), are compared and analyzed for their applicability in designing and implementing national cybersecurity strategies and programs to achieve cyber resilience. Cyber readiness indexes are also outlined in view of their use to indicate possible improvements. The author explores the development of national cybersecurity strategies with a focus on cyber maturity and provides examples. A maturity-based approach for the Bulgarian cyber resilience roadmap is also described within the context of the evolving cyber-empowered hybrid threats and the need for an institutionalized collaborative public-private resilience.