The rapid evolution of digital technologies has radically changed industries, enabling more efficient and scalable operations, but also introducing new cybersecurity challenges. Sectors such as healthcare have become prime targets for cyberattacks, with the number of incidents rising dramatically in recent years. This increase is often linked to the vulnerabilities created by the interconnected nature of digital systems and the shortage of skilled cybersecurity professionals. In response, to secure their systems and to implement an effective risk management plan, organizations must navigate several complex security frameworks requiring a deep understanding of evolving regulations and proactive adaptation to the security best practices. This thesis contributes to addressing these challenges by presenting a systematization of key cybersecurity documents and the development of a contextualized security prototype for the healthcare sector. We propose a semi-automated mapping process using Natural Language Processing (NLP) models to align vulnerabilities with fitting security controls, significantly reducing the time and effort required for cybersecurity decision-making. Our results show how this approach can streamline the implementation of security measures, improve regulatory compliance, and enhance overall cybersecurity resilience.

Enhancing cybersecurity framework adoption: methodologies and techniques for contexts specific implementations / Carello, MARIA PATRIZIA. - (2025 Jan 21).

Enhancing cybersecurity framework adoption: methodologies and techniques for contexts specific implementations

CARELLO, MARIA PATRIZIA
21/01/2025

21-Jan-2025
Files attached to this item
File Size Format
Tesi_dottorato_Carello.pdf

open access

Notes: complete thesis
Type: Doctoral thesis
License: Creative Commons
Size: 4.84 MB
Format: Adobe PDF

Documents in IRIS are protected by copyright and all rights are reserved, unless otherwise indicated.

Use this identifier to cite or link to this document: https://hdl.handle.net/11573/1733380