Incorporating Systems Thinking into a Cyber Resilience Maturity Model

Avi Shaked, Lior Tabansky, Yoram Reich

Research output: Contribution to journalArticlepeer-review


Achieving cyber resilient critical infrastructure poses a significant engineering management challenge. Society relies on infrastructure and services that extend beyond the managerial boundaries of a specific organizational entity, yet existing cybersecurity maturity models typically aim to assess a single organization. We offer a systems thinking approach to cyber resilience. Specifically, we relate to critical infrastructure and services in their sectoral system context, reimagining them as a system of systems. We then suggest exploring cyber resilience as a system property, with its expressions relating to the multiple dimensions of operation of the sector and to the different domains of practice. We discuss the dimensions of operation and domains of practice concepts that are embedded into a sectoral cyber resilience maturity model, which is under development. We demonstrate how these concepts frame a set of expressions that is designed to probe the sectoral design space; and propose how they may be further used as design considerations for improving the sector's cyber resilience.

Original languageEnglish
Article number9302574
Pages (from-to)110-115
Number of pages6
JournalIEEE Engineering Management Review
Issue number2
StatePublished - 1 Apr 2021


Dive into the research topics of 'Incorporating Systems Thinking into a Cyber Resilience Maturity Model'. Together they form a unique fingerprint.

Cite this