Development of Maturity Framework for EU Cyber Crisis Management European Union Agency for Cybersecurity (ENISA)

Summary

With funding from the European Union’s Agency for Cyber Security (ENISA), NRD Cyber Security developed and refined a maturity framework on cyber crisis management.

Details

Aim

The objective of this project is to build upon ENISA maturity model for EU cyber crisis management stakeholders and to further develop the framework for the use by EU institutions, bodies and agencies (EUIBAs) stakeholders.

Context

In 2022, ENISA is continuing to support operational cooperation among Member States, Union institutions, bodies, offices and agencies. Actions include establishing synergies with national and EU actors including CERT-EU with the view to exchange know how, best practices, provide advice and issue guidance.

Outcomes

The main outcome of this project is an ENISA maturity framework for EU cyber crisis management’s EUIBA stakeholders, including:

• Review and update of the current maturity model developed by ENISA in 2021 with the key EUIBA stakeholders.
• Conduct further research on the development of maturity levels for the new maturity model and proposed minimum required scores for each maturity stage and parameters with clear justification.
• Define maturity assessment methodology for EUIBA stakeholders as part of the maturity framework
• Test and verify the proposed maturity framework with several EUIBA stakeholders to identify areas of improvement for further development and application of the maturity framework
• Draw lessons learnt and recommendations for further improvement from the test cases.