Editorial

Dear Reader, welcome to the fifth newsletter of the SDN-microSENSE project, an EU Funded Innovation Project. This edition provides you an overview of the Cybersecurity Capability Maturity model. We hope you will find the contents of this newsletter interesting, your comments and suggestions are always appreciated.

Cybersecurity Training 

There is a concern in the energy sector about the low level of cybersecurity training in the company staff, what it is considered a risk in the security of the company and in the infrastructures they operate. 

The standard IEC-62443-2-1, considers that security awareness for all personnel is an essential tool for reducing cyber security risks. Companies are aware that they need to improve the cybersecurity competences of their employees, especially those that are operating the most critical assets. However,  cybersecurity training cannot be done in an improvised way, when the company or society has suffered some type of cyber-attack, nor can it be left to the employees themselves. It is necessary to define and deploy in the organisation a set of processes and practices to provide to each employee an awareness and training in cybersecurity specific to its working activity.

SDN-microSENSE addressing this challenge has developed a Cybersecurity Awareness and Training Model and an Evaluation Tool to help energy companies to improve their cybersecurity training processes. The model establishes the set of processes and practices that must be deployed in the company to manage the cybersecurity awareness and training of its personnel, and the evaluation tool helps to assess the level of maturity reached by the company in the deployment of these processes and practices. Furthermore, a competency framework has also been developed with a set of cybersecurity knowledge, skills and abilities to be adopted by the people according to their working role

Cybersecurity Awareness and Training Model and the Evaluation Tool defined in the context of SDN-microsense project is composed by three main components:

1.     Cybersecurity Capability Maturity Model

2.      Cybersecurity Competency Model

3.     Evaluation tool

In this newsletter we are presenting the first component you can find more information about the developed solutions at the project website.
 
Learn More

SDN-microSENSE Cybersecurity Capability Maturity Model

The first component of the SDN-microSENSE Cybersecurity Awareness and Training Model is the Cybersecurity Maturity Model. In the context of the SDN-microSENSE, the Cybersecurity Maturity Model is defined as a set of processes and practices that should be deployed in a company to improve the competency level of its personnel in cybersecurity aspects. This model is structured in maturity levels, representing different degree of organizational capability for managing and developing the training, skills, and competences processes to generate a cybersecurity culture inside an energy company. Each maturity level, with the exception of the Initial Level, consists of processes, which identify the capabilities that should be deployed in the company to achieve a maturity level. Finally, each process is composed by a set of practices and tips for achieving the process goal. The following figure shows how all the elements in the model are related:

About SDN-microSENSE

SDN-microSENSE has received funding from the European Union’s Horizon 2020 research and innovation programme under grant agreement No 833955. The information contained in this newsletter reflects only the authors’ view. EC is not responsible for any use that may be made of this information. SDN-microSENSE website
Follow us on Twitter
LinkedIn
Website
Email
YouTube
Copyright © 2021 SDNmicroSENSE consortium, All rights reserved.
Want to change how you receive these emails?
You can update your preferences or unsubscribe from this list