| Abstract [eng] |
In the thesis cybersecurity engineering processes expand ISO/IEC 33071 creating a model for assessing cyber security process capability as thus fulfilling originated deficiency. Its engineering process divides into five parts based on cyber security best practices and standards incorporating risk based approach. These parts are as following, identification, protection, detection, response and recovery. Each part consists of carefully selected and treated cybersecurity activities or processes. Justifying the adequacy of the model itself, Cybersecurity Process Capability Assessment Model by means of ISO/IEC 33020 is used to evaluate the activities of real organization. A name of CyberSPICE is given to a new model. |
