As cyber threats targeting critical infrastructures grow in complexity and societal impact, the focus of cybersecurity must shift from mere protection to sustained resilience. This paper proposes a conceptual multi-dimensional scoring framework to be utilized by cyber ranges to assess and quantify the cyber resilience of critical infrastructure organizations. The framework is built upon seven interrelated cyber resilience dimensions across the technical, operational, and human spectrum. For each dimension, initial performance indicators are proposed to standardize the evaluation process and enable organizations to benchmark their cyber resilience, identify skill and coordination gaps, and align cybersecurity training with real-world mission continuity requirements. The proposed multi-dimensional approach provides a structured performance evaluation that is aligned with NIS2 regulation requirements, supporting compliance readiness and enabling tailored workforce development interventions. This contribution aims to enhance organizations’ preparedness in safeguarding essential services under adverse conditions.

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

A Multi-dimensional Cyber Range-Powered Scoring Framework for Evaluating Cyber Resilience of Critical Infrastructures

  • Savvas Theodoulou,
  • Eliana Stavrou,
  • Adamantini Peratikou,
  • Stavros Stavrou

摘要

As cyber threats targeting critical infrastructures grow in complexity and societal impact, the focus of cybersecurity must shift from mere protection to sustained resilience. This paper proposes a conceptual multi-dimensional scoring framework to be utilized by cyber ranges to assess and quantify the cyber resilience of critical infrastructure organizations. The framework is built upon seven interrelated cyber resilience dimensions across the technical, operational, and human spectrum. For each dimension, initial performance indicators are proposed to standardize the evaluation process and enable organizations to benchmark their cyber resilience, identify skill and coordination gaps, and align cybersecurity training with real-world mission continuity requirements. The proposed multi-dimensional approach provides a structured performance evaluation that is aligned with NIS2 regulation requirements, supporting compliance readiness and enabling tailored workforce development interventions. This contribution aims to enhance organizations’ preparedness in safeguarding essential services under adverse conditions.