{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,11,22]],"date-time":"2025-11-22T12:18:30Z","timestamp":1763813910692,"version":"3.40.3"},"publisher-location":"Cham","reference-count":21,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783030120849"},{"type":"electronic","value":"9783030120856"}],"license":[{"start":{"date-parts":[[2019,1,1]],"date-time":"2019-01-01T00:00:00Z","timestamp":1546300800000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2019]]},"DOI":"10.1007\/978-3-030-12085-6_5","type":"book-chapter","created":{"date-parts":[[2019,1,29]],"date-time":"2019-01-29T12:17:55Z","timestamp":1548764275000},"page":"49-60","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":6,"title":["A Questionnaire Model for Cybersecurity Maturity Assessment of Critical Infrastructures"],"prefix":"10.1007","author":[{"ORCID":"https:\/\/orcid.org\/0000-0001-6406-356X","authenticated-orcid":false,"given":"Bilge","family":"Yigit Ozkan","sequence":"first","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0002-9237-221X","authenticated-orcid":false,"given":"Marco","family":"Spruit","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2019,1,30]]},"reference":[{"key":"5_CR1","unstructured":"ISO\/IEC 27032:2012 - Information technology \u2013 Security techniques \u2013 Guidelines for cybersecurity. \n                      https:\/\/www.iso.org\/standard\/44375.html"},{"key":"5_CR2","unstructured":"National Institute of Standards and Technology: Framework for Improving Critical Infrastructure Cybersecurity, Version 1.1. National Institute of Standards and Technology, Gaithersburg, MD (2018)"},{"issue":"4","key":"5_CR3","doi-asserted-by":"publisher","first-page":"18","DOI":"10.1109\/52.219617","volume":"10","author":"M.C. Paulk","year":"1993","unstructured":"Paulk, M.C., Curtis, B., Chrissis, M.B., Weber, C.V.: Capability Maturity Model, Version 1.1. IEEE Softw. Los Alamitos. 10, 18\u201327 (1993). \n                      http:\/\/dx.doi.org\/10.1109\/52.219617","journal-title":"IEEE Software"},{"key":"5_CR4","unstructured":"Smart Grid Maturity Model, Version 1.2: Model Definition. \n                      https:\/\/resources.sei.cmu.edu\/library\/asset-view.cfm?assetid=10035"},{"key":"5_CR5","unstructured":"About the Business Process Maturity Model Specification Version 1.0. \n                      https:\/\/www.omg.org\/spec\/BPMM\/"},{"key":"5_CR6","unstructured":"People CMM: A Framework for Human Capital Management (SEI Series in Software Engineering Series) | ISBNdb. \n                      https:\/\/isbndb.com\/book\/9780321553904"},{"key":"5_CR7","unstructured":"TMMi Model. \n                      https:\/\/www.tmmi.org\/tmmi-model\/"},{"key":"5_CR8","unstructured":"Cybersecurity Capability Maturity Model (C2M2) | Department of Energy. \n                      https:\/\/www.energy.gov\/ceser\/activities\/cybersecurity-critical-energy-infrastructure\/energy-sector-cybersecurity-0-0"},{"key":"5_CR9","unstructured":"Open Information Security Management Maturity Model (O-ISM3), Version 2.0. \n                      https:\/\/publications.opengroup.org\/c17b"},{"key":"5_CR10","unstructured":"Cybersecurity Capability Maturity Model. \n                      https:\/\/www.hsdl.org\/?view&did=798503"},{"key":"5_CR11","unstructured":"Spruit, M., Roeling, M.: ISFAM: the information security focus area maturity model. In: ECIS 2014 Proceedings (2014)"},{"key":"5_CR12","unstructured":"van Steenbergen, M., Bos, R., Brinkkemper, S., van de Weerd, I., Bekkers, W.: Improving IS functions step by step: the use of focus area maturity models. Scandinavian J. Inf. Syst. 25, 2 (2013)"},{"key":"5_CR13","unstructured":"Blanchette, S., Keeler, J.K.L.: Self Assessment and the CMMI-AM \u2013 A Guide for Government Program Managers, p. 41"},{"key":"5_CR14","unstructured":"e-CF overview | European e-Competence Framework. \n                      http:\/\/www.ecompetences.eu\/e-cf-overview\/"},{"key":"5_CR15","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"317","DOI":"10.1007\/978-3-642-13335-0_22","volume-title":"Global Perspectives on Design Science Research","author":"M Steenbergen van","year":"2010","unstructured":"van Steenbergen, M., Bos, R., Brinkkemper, S., van de Weerd, I., Bekkers, W.: The design of focus area maturity models. In: Winter, R., Zhao, J.L., Aier, S. (eds.) DESRIST 2010. LNCS, vol. 6105, pp. 317\u2013332. Springer, Heidelberg (2010). \n                      https:\/\/doi.org\/10.1007\/978-3-642-13335-0_22"},{"key":"5_CR16","unstructured":"ISO\/IEC 27002:2013 - Information technology \u2013 Security techniques \u2013 Code of practice for information security controls. \n                      https:\/\/www.iso.org\/standard\/54533.html"},{"key":"5_CR17","unstructured":"ETSI: ETSI TR 103 305 .CYBER; Attribute Based Encryption for Attribute Based Access Control (2018)"},{"key":"5_CR18","unstructured":"ISO\/IEC 27001:2013 - Information technology \u2013 Security techniques \u2013 Information security management systems \u2013 Requirements. \n                      https:\/\/www.iso.org\/standard\/54534.html"},{"key":"5_CR19","doi-asserted-by":"publisher","first-page":"15","DOI":"10.1007\/s13753-011-0002-y","volume":"2","author":"A Fekete","year":"2011","unstructured":"Fekete, A.: Common criteria for the assessment of critical infrastructures. Int. J. Disaster Risk Sci. 2, 15\u201324 (2011). \n                      https:\/\/doi.org\/10.1007\/s13753-011-0002-y","journal-title":"Int. J. Disaster Risk Sci."},{"key":"5_CR20","doi-asserted-by":"publisher","first-page":"106","DOI":"10.1080\/08874417.2016.1117369","volume":"56","author":"F Mijnhardt","year":"2016","unstructured":"Mijnhardt, F., Baars, T., Spruit, M.: Organizational characteristics influencing SME information security maturity. J. Comput. Inf. Syst. 56, 106\u2013115 (2016). \n                      https:\/\/doi.org\/10.1080\/08874417.2016.1117369","journal-title":"J. Comput. Inf. Syst."},{"key":"5_CR21","unstructured":"ISO\/IEC 15504-2:2003 - Information technology \u2013 Process assessment \u2013 Part 2: Performing an assessment. \n                      https:\/\/www.iso.org\/standard\/37458.html"}],"container-title":["Lecture Notes in Computer Science","Information and Operational Technology Security Systems"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-030-12085-6_5","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,5,20]],"date-time":"2019-05-20T06:35:10Z","timestamp":1558334110000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-030-12085-6_5"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2019]]},"ISBN":["9783030120849","9783030120856"],"references-count":21,"URL":"https:\/\/doi.org\/10.1007\/978-3-030-12085-6_5","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2019]]},"assertion":[{"value":"30 January 2019","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"IOSec","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Workshop on Information and Operational Technology Security Systems","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Heraklion","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Greece","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2018","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"13 September 2018","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"13 September 2018","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"1","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"iosec2018","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/www.raid2018.org\/cipsecworkshop.html","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Single-blind","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information"}},{"value":"Easychair","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information"}},{"value":"22","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information"}},{"value":"11","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information"}},{"value":"1","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information"}},{"value":"50% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information"}},{"value":"3","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information"}},{"value":"3","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information"}},{"value":"Yes","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information"}}]}}