OT Cyber Security Frameworks Comparison Tool (CSFCTool)

This paper proposes a holistic cybersecurity online tool to support implementation activities of the “National Framework for Cybersecurity & Data Protection”, one of its contextualizations, as well as the fifteen “Essential Cybersecurity Controls”. It also aims at promoting its wide dissemination by SMEs. All the regulations, standards and national/international laws mentioned as “Informative References” for each Subcategory in the Framework Core are, in fact, made available through a web application where they can be consulted with a few clicks, guiding even less experienced users in the creation of their cybersecurity compliance projects. The research and analysis activities conducted with a systematic, global and conceptual approach - consistent with the original document - have been aimed at highlighting the substantial differences between IT/OT cybersecurity requirements in order to increase, through a comparative analysis, the cyber resilience of national critical infrastructures. Meanwhile, since an important step towards cyberspace security is a global increase in the level of cyber risk awareness, the tool aims to be used for education and training programs too, both at the corporate and academic levels, in order to bridge the skills gap in the job market between job seekers and employers. For this purpose, some of the main reference standards used for auditing, vulnerability assessment and risk management activities have been included.