03261nam a22001697a 4500 NUST 005.8,ALI Ali, Sardar Muhammad 132538 Assessment of the Impact of the Global Cybersecurity Index (GCI) of the International Telecommunication Union (ITU) on Improving the Cybersecurity Posture of Developing Countries (A Pakistani Perspective) / Sardar Muhammad Ali Rawalpindi, MCS (NUST), 2025 xviii, 203 p Cybersecurity has become a critical priority as organizations increasingly depend on digital infrastructure. Traditional compliance approaches often fall short in addressing evolving threats, highlighting the need for intelligent and adaptive mechanisms to strengthen governance and resilience. Organizations encounter persistent challenges in aligning with multiple international and national cybersecurity standards. Current com pliance efforts are fragmented, costly, and lack adaptability, limiting their effectiveness in improving overall posture. In addition, existing methods fail to provide systematic and explainable guidance, creating governance and resilience gaps in developing countries. The proposed study presents an automated, machine learning–based recom mender framework that systematically suggests cybersecurity standards, audits, and compliance steps according to organizational maturity levels. The framework integrates six global standards (ISO/IEC 27001:2022, CIS, NIST, SCAP, NERC CIP, ISA/IEC 62443-4-2) and Three national cybersecurity standards were adopted for comparative analysis: Saudi Arabia follows the National Cybersecurity Authority (NCA) under the Essential Cybersecurity Controls (ECC) framework; Pakistan implements the National Cyber Security Policy (NCSP 2021) and Critical Telecom Data and Infrastructure Security Regulations (CTDISR) frameworks; while the United Arab Emirates (UAE) applies the Information Assurance (IA) framework under the National Cybersecurity Strategy (NCS). The proposed framework applies data preprocessing, TF-IDF, Recursive Feature Elimination (RFE), and a Content-Based Filtering (CBF) model with a feedback xvii loop to generate tailored compliance recommendations. The proposed framework was validated across three organizational maturity scenariosAd-hoc, Managed, and Adaptive. Findings indicated that the UAE standard recommended 158 controls at the Ad-hoc level, while the KSA standard dominated at the Managed level. Among the classifiers tested (Random Forest, K-Nearest Neighbor, and Support Vector Machine), Random Forest achieved the best performance with 81% accuracy and an ROC-AUC score of 0.98. The proposed framework provides a scalable and adaptive mechanism for compliance, enabling continuous monitoring of organizational maturity and alignment with international standards. By enhancing governance and resilience, it supports national cybersecurity capacity and contributes to improving Global Cybersecurity Index (GCI) rankings, offering both theoretical advancement and practical value for developing countries. PhD Information Security Thesis 132793 PhD IS Thesis 132794 Supervised by Dr. Abdul Razzaq 132799 ddc THE 615841 615841 0 0 ddc 0 0 MCS MCS THE 2026-01-17 0 005.8,ALI MCSPhD IS-16 2026-01-17 2026-01-17 THE Almirah No.68, Shelf No.5