A vulnerability-driven cyber security maturity model for measuring national critical infrastructure protection preparedness

Karabacak B., Yildirim S., Baykal N.

INTERNATIONAL JOURNAL OF CRITICAL INFRASTRUCTURE PROTECTION, vol.15, pp.47-59, 2016 (SCI-Expanded) identifier identifier

  • Publication Type: Article / Article
  • Volume: 15
  • Publication Date: 2016
  • Doi Number: 10.1016/j.licip.2016.10.001
  • Journal Indexes: Science Citation Index Expanded (SCI-EXPANDED), Scopus
  • Page Numbers: pp.47-59
  • Keywords: Cyber security, National critical infrastructure protection efforts, Turkey, Developing countries, Maturity model, Grounded theory, Delphi survey
  • Middle East Technical University Affiliated: Yes


Critical infrastructures are vital assets for the public safety, economic welfare and national security of countries. Cyber systems are used extensively to monitor and control critical infrastructures. A number of infrastructures are connected to the Internet via corporate networks. Cyber security is, therefore, an important item of the national security agenda of a country. The intense interest in cyber security has initiated research focusing on national cyber security maturity assessments. However, little, if any, research is dedicated to maturity assessments of national critical infrastructure protection efforts. Instead, the vast majority of studies merely examine diverse national-level security best practices ranging from cyber crime response to privacy protection.