Litcius/Paper detail

An Evaluation Framework for Cybersecurity Maturity Aligned with the NIST CSF

Luís Bernardo, Silvestre Malta, João Paulo Magalhães

2025Electronics11 citationsDOIOpen Access PDF

Abstract

Cybersecurity is critical for mitigating the economic and reputational impacts of cyberattacks. To address these risks, frameworks like the NIST Cybersecurity Framework (NIST CSF) provide standardized guidelines for managing and reducing cybersecurity threats. This paper presents a maturity assessment approach aligned with the NIST CSF, incorporating a dual-survey methodology. The first survey engages cybersecurity experts to calibrate question importance, while the second targets organizations across management, IT staff, and other roles. The approach employs algorithms to deliver consistent evaluations and facilitate cross-organization comparisons. Results from case studies illustrate cybersecurity maturity levels for each NIST CSF function and highlight priority controls for enhancing organizational cybersecurity.

Topics & Concepts

NISTMaturity (psychological)Computer securityCapability Maturity ModelComputer sciencePolitical scienceProgramming languageNatural language processingLawSoftwareInformation and Cyber Security