<?xml version="1.0" encoding="UTF-8"?><xml><records><record><source-app name="Biblio" version="7.x">Drupal-Biblio</source-app><ref-type>27</ref-type><contributors><authors><author><style face="normal" font="default" size="100%">Venelin Georgiev</style></author></authors></contributors><titles><title><style face="normal" font="default" size="100%">The ‘Balance’ As a Panacea for Achieving (Cyber)Security</style></title><secondary-title><style face="normal" font="default" size="100%">IT4Sec Reports</style></secondary-title></titles><keywords><keyword><style  face="normal" font="default" size="100%">balance</style></keyword><keyword><style  face="normal" font="default" size="100%">capabilities</style></keyword><keyword><style  face="normal" font="default" size="100%">Cybersecurity</style></keyword><keyword><style  face="normal" font="default" size="100%">panacea</style></keyword><keyword><style  face="normal" font="default" size="100%">risks</style></keyword><keyword><style  face="normal" font="default" size="100%">Scenarios</style></keyword><keyword><style  face="normal" font="default" size="100%">security controls</style></keyword><keyword><style  face="normal" font="default" size="100%">threats</style></keyword><keyword><style  face="normal" font="default" size="100%">Vulnerabilities</style></keyword></keywords><dates><year><style  face="normal" font="default" size="100%">2022</style></year></dates><number><style face="normal" font="default" size="100%">145</style></number><language><style face="normal" font="default" size="100%">eng</style></language><abstract><style face="normal" font="default" size="100%">Decision-making in a complex, complex, multi-layered and multifactorial environment, such as the security environment, requires a balance between threat factors and strategies to counter them. In this sense, the search for a single, simple solution, seen as a panacea, is an irrational management approach. The report presents the results of a study to develop a model for balancing cybersecurity solutions.
</style></abstract></record><record><source-app name="Biblio" version="7.x">Drupal-Biblio</source-app><ref-type>27</ref-type><contributors><authors><author><style face="normal" font="default" size="100%">Venelin Georgiev</style></author></authors></contributors><titles><title><style face="normal" font="default" size="100%">Cyber Security Capabilities Maturity Model Based on a Balanced Scorecard</style></title><secondary-title><style face="normal" font="default" size="100%">IT4Sec Reports</style></secondary-title></titles><keywords><keyword><style  face="normal" font="default" size="100%">benchmark</style></keyword><keyword><style  face="normal" font="default" size="100%">capabilities</style></keyword><keyword><style  face="normal" font="default" size="100%">Cybersecurity</style></keyword><keyword><style  face="normal" font="default" size="100%">efficiency</style></keyword><keyword><style  face="normal" font="default" size="100%">maturity</style></keyword><keyword><style  face="normal" font="default" size="100%">model</style></keyword></keywords><dates><year><style  face="normal" font="default" size="100%">2022</style></year></dates><number><style face="normal" font="default" size="100%">146</style></number><language><style face="normal" font="default" size="100%">eng</style></language><abstract><style face="normal" font="default" size="100%">Measuring the maturity of cybersecurity capabilities is a key element of the overall concept of building and maintaining security in cyberspace. The report presents the results of the creation of a model for assessing the maturity of cybersecurity capabilities as a combination of the advantages of the balanced scorecard and benchmark model. The developed model has the strength of theoretical validity and practical applicability.</style></abstract></record><record><source-app name="Biblio" version="7.x">Drupal-Biblio</source-app><ref-type>27</ref-type><contributors><authors><author><style face="normal" font="default" size="100%">Venelin Georgiev</style></author></authors></contributors><titles><title><style face="normal" font="default" size="100%">Productive and Counter-Productive Balance in Security</style></title><secondary-title><style face="normal" font="default" size="100%">CSDM Views</style></secondary-title></titles><keywords><keyword><style  face="normal" font="default" size="100%">balance</style></keyword><keyword><style  face="normal" font="default" size="100%">capabilities</style></keyword><keyword><style  face="normal" font="default" size="100%">resources</style></keyword><keyword><style  face="normal" font="default" size="100%">Risk</style></keyword><keyword><style  face="normal" font="default" size="100%">security</style></keyword><keyword><style  face="normal" font="default" size="100%">threats</style></keyword><keyword><style  face="normal" font="default" size="100%">Vulnerabilities</style></keyword></keywords><dates><year><style  face="normal" font="default" size="100%">2022</style></year></dates><number><style face="normal" font="default" size="100%">44</style></number><language><style face="normal" font="default" size="100%">eng</style></language><abstract><style face="normal" font="default" size="100%">The research efforts in the field of security strengthens its relevance in conditions of crises, which are not lacking in modern times. Returning to fundamental questions such as why security is important and what makes it difficult to create an acceptable level of security allows, on the one hand, to reveal some erroneous theses, and on the other hand, to add perspectives in the search for rational answers. The material draws a parallel between two types of security balances, defined as productive and counter-productive. Based on the comparison, challenges to finding balanced solutions to security issues viewed as multifactorial functions are presented.</style></abstract></record><record><source-app name="Biblio" version="7.x">Drupal-Biblio</source-app><ref-type>27</ref-type><contributors><authors><author><style face="normal" font="default" size="100%">Venelin Georgiev</style></author></authors></contributors><titles><title><style face="normal" font="default" size="100%">Comparative Analysis of Models for Assessing the Maturity of Cybersecurity Capabilities</style></title><secondary-title><style face="normal" font="default" size="100%">IT4Sec Reports</style></secondary-title></titles><keywords><keyword><style  face="normal" font="default" size="100%">assessment</style></keyword><keyword><style  face="normal" font="default" size="100%">capabilities</style></keyword><keyword><style  face="normal" font="default" size="100%">cyber resilience</style></keyword><keyword><style  face="normal" font="default" size="100%">Cybersecurity</style></keyword><keyword><style  face="normal" font="default" size="100%">cybersecurity areas</style></keyword><keyword><style  face="normal" font="default" size="100%">maturity level</style></keyword><keyword><style  face="normal" font="default" size="100%">measurement</style></keyword></keywords><dates><year><style  face="normal" font="default" size="100%">2021</style></year></dates><number><style face="normal" font="default" size="100%">138</style></number><language><style face="normal" font="default" size="100%">eng</style></language><abstract><style face="normal" font="default" size="100%">&lt;p&gt;The examination of all issues of interest in the field of cybersecurity, cyber resilience and the fight against cybercrime can be focused on one term, and that is the term cybersecurity capabilities. Cybersecurity capabilities demonstrate the ability to implement policies, standards, guidelines, and operational procedures for the security of information systems, networks, applications, and information. In turn, cybersecurity capabilities are a dynamic object that is built, maintained, developed, modified and adapted to the changing security environment. The dynamics of security capabilities require measuring the degree of their maturity and comparing them with the target levels. This report provides a comparative analysis of existing models for assessing the maturity of cybersecurity capabilities, thus creating an opportunity for a reasonable choice of such a method for the needs of specific assessment.&lt;/p&gt;</style></abstract></record></records></xml>