| 000 | 03261nam a22001697a 4500 | ||
|---|---|---|---|
| 003 | NUST | ||
| 082 | _a005.8,ALI | ||
| 100 |
_aAli, Sardar Muhammad _9132538 |
||
| 245 |
_aAssessment of the Impact of the Global Cybersecurity Index (GCI) of the International Telecommunication Union (ITU) on Improving the Cybersecurity Posture of Developing Countries (A Pakistani Perspective) / _cSardar Muhammad Ali |
||
| 260 |
_aRawalpindi, _bMCS (NUST), _c2025 |
||
| 300 | _axviii, 203 p | ||
| 505 | _aCybersecurity has become a critical priority as organizations increasingly depend on digital infrastructure. Traditional compliance approaches often fall short in addressing evolving threats, highlighting the need for intelligent and adaptive mechanisms to strengthen governance and resilience. Organizations encounter persistent challenges in aligning with multiple international and national cybersecurity standards. Current com pliance efforts are fragmented, costly, and lack adaptability, limiting their effectiveness in improving overall posture. In addition, existing methods fail to provide systematic and explainable guidance, creating governance and resilience gaps in developing countries. The proposed study presents an automated, machine learning–based recom mender framework that systematically suggests cybersecurity standards, audits, and compliance steps according to organizational maturity levels. The framework integrates six global standards (ISO/IEC 27001:2022, CIS, NIST, SCAP, NERC CIP, ISA/IEC 62443-4-2) and Three national cybersecurity standards were adopted for comparative analysis: Saudi Arabia follows the National Cybersecurity Authority (NCA) under the Essential Cybersecurity Controls (ECC) framework; Pakistan implements the National Cyber Security Policy (NCSP 2021) and Critical Telecom Data and Infrastructure Security Regulations (CTDISR) frameworks; while the United Arab Emirates (UAE) applies the Information Assurance (IA) framework under the National Cybersecurity Strategy (NCS). The proposed framework applies data preprocessing, TF-IDF, Recursive Feature Elimination (RFE), and a Content-Based Filtering (CBF) model with a feedback xvii loop to generate tailored compliance recommendations. The proposed framework was validated across three organizational maturity scenariosAd-hoc, Managed, and Adaptive. Findings indicated that the UAE standard recommended 158 controls at the Ad-hoc level, while the KSA standard dominated at the Managed level. Among the classifiers tested (Random Forest, K-Nearest Neighbor, and Support Vector Machine), Random Forest achieved the best performance with 81% accuracy and an ROC-AUC score of 0.98. The proposed framework provides a scalable and adaptive mechanism for compliance, enabling continuous monitoring of organizational maturity and alignment with international standards. By enhancing governance and resilience, it supports national cybersecurity capacity and contributes to improving Global Cybersecurity Index (GCI) rankings, offering both theoretical advancement and practical value for developing countries. | ||
| 650 |
_aPhD Information Security Thesis _9132793 |
||
| 651 |
_aPhD IS Thesis _9132794 |
||
| 700 |
_aSupervised by Dr. Abdul Razzaq _9132799 |
||
| 942 |
_2ddc _cTHE |
||
| 999 |
_c615841 _d615841 |
||