Guarding Our Vital Systems: A Metric for Critical Infrastructure Cyber Resilience.

The increased occurrence and severity of cyber-attacks on critical infrastructure have underscored the need to embrace systematic and prospective approaches to resilience. The current research takes as its hypothesis that the InfraGuard Cybersecurity Framework-a capability model that measures the maturity of cyber resilience through three functional pillars, Cyber as a Shield, Cyber as a Space, and Cyber as a Sword-is an implementable and understandable means to proceed with. The model treats the significant aspects of situational awareness, active defense, risk management, and recovery from incidents and is measured using globally standardized maturity models like ISO/IEC 15504, NIST CSF, and COBIT. The contributions include multidimensional measurements of resilience, a scored scale of capability (0-5), and domain-based classification enabling organizations to assess and enhance their cybersecurity situation in a formalized manner. The framework's applicability is illustrated in three exploratory settings of power grids, healthcare systems, and airports, each constituting various levels of maturity in resilience. This study provides down-to-earth recommendations to policymakers through the translation of the attributes of resilience into concrete assessment indicators, promoting policymaking, investment planning, and global cyber defense collaboration.