论文标题
NIS符合指令的网络安全成熟度评估框架
A NIS Directive compliant Cybersecurity Maturity Assessment Framework
论文作者
论文摘要
NIS指令介绍了基本服务运营商和数字服务提供商运营商的安全系统的义务,并要求国家主管当局评估其对这些义务的遵守情况。本文介绍了一种新型的网络安全成熟度评估框架(CMAF),该框架是根据NIS指令要求量身定制的,可以用作关键国家基础设施的自我评估工具,要么是来自国家胜任机构网络安全机构的审计工具。
The NIS Directive introduces obligations for the security of the network and information systems of operators of essential services and of digital service providers and require from the national competent authorities to assess their compliance to these obligations. This paper describes a novel cybersecurity maturity assessment framework (CMAF) that is tailored to the NIS Directive requirements and can be used either as a self assessment tool from critical national infrastructures either as an audit tool from the National Competent Authorities for cybersecurity.
