A Review of Cyber Security Maturity Assessment Models for OT Systems

Özkaya, Kamil Olcay
Cyber security holds significant importance in today's interconnected and digitized industrial landscape. Devices ranging from printers to thermostats, washing machines, and cars are produced in a way that allows them to communicate with the outside world via internet. There are some precautions that may prevent them against jeopardizing the security of the data and equipment. Cybersecurity maturity frameworks provide a structured and comprehensive approach for assessing, improving, and managing their cybersecurity capabilities. These frameworks are designed to help organizations enhance their cybersecurity posture, address vulnerabilities, and adapt to evolving cyber threats. Existing research in this field mostly address assessing maturity of Information Technology (IT) infrastructure. However, a comprehensive methodology and review for Operational Technology (OT) systems maturity assessment is limited. The importance of this problem lies in the growing significance of critical infrastructures, industrial processes. The OT systems are critical in terms of ensuring operational continuity and security. Due to the fact that these systems are mostly closed network, it is mostly regarded as basic security countermeasures are enough, and their continuous security resilience is overlooked. However, it is necessary to place controls related to cyber security in terms of both protecting systems against any unintended abuse and legal obligations. This project aims to examine widely used cybersecurity capability maturity assessment frameworks for OT systems, as a result of a review of published studies, standards, and frameworks in terms of OT systems cyber security resilience assessment.
Citation Formats
K. O. Özkaya, “A Review of Cyber Security Maturity Assessment Models for OT Systems,” M.S. - Master Of Science Without Thesis, Middle East Technical University, 2024.