E-services cybersecurity assessment model

Abstract

With the increasing importance of e-services in cyberspace, cybersecurity is essential for safety and trustworthiness. This paper presents a cybersecurity assessment model that can be used to determine the current level of protection of e-services and to support its future development. The model is distinguished by its comprehensiveness, flexibility, and usability. In terms of comprehensiveness, the model integrates various cybersecurity measures recommended by international and national organizations and by academic researchers. In terms of flexibility, it structures these measures into the four-domain framework of technology, organization, people, and environment. The model also structures the assessment into levels based on the dimensions of importance, strategy consideration, and practical implementation. The usability of the model is illustrated by its application to three different Saudi organizations concerned with e-services. This work will be useful to researchers for the future development of cybersecurity assessments, and to professionals for practical applications.