Cyber Trust Index: A Framework for Rating and Improving Cybersecurity Performance

Cybersecurity risk is among the top risks that every organization must consider and manage, especially during this time wherein technology has become an integral part of our lives; however, there no efficient simplified measurement method organizations or regulators could use, as frequently they need, to evaluate compare outcome cybersecurity efforts have been put in place. Consequently, resulted absence critical data for improvement. This research proposes a Cyber Trust Index (CTI), novel framework evaluating, benchmarking, improving organizations’ performance. Methods: The researchers analyzed prominent scientific papers widely used security standards develop baseline controls serve foundation. Then, identified Control Enablers Capability Tiers were base measures methods. CTI was evaluated by experts tested with 35 from information infrastructure (CII) sector, well other generic sectors, Thailand confirm its validity reliability real settings identify priorities factors can contribute better Results: two key elements: rating comprise 12 dimensions, 25 clusters, 70 controls. methods utilize five control enablers capability tiers compute scores. A binary questionnaire capture process. Based on statistical analysis results pilot organizations, 28.57% are beginner group high-risk exposure, 31.43% leader low-risk 40% between (the intermediate advanced groups). Two distinguish groups: (1) internal factor, which Enablers; (2) external influence cyber regulating body. Our study confirms higher will help achieve performance (R = 0.98021) highlights significance bodies showing shear difference 197.53% highly regulated low-regulated industries. Conclusions: reveals insights into importance Enablers, leverage drive performance, positive return enforcement, emphasizes need bodies. proven be valid measuring At very least, step-wise roadmap provided adopt adapt their improvement mission.