The seed of the CyberTOMP® framework emerged in 2021-2022 within the research work conducted by Dr. Manuel Domínguez-Dorado, which culminated in his doctoral thesis “Holistic Management and Evaluation of Cybersecurity in the Public Sector”, developed under the GÍTACA Research Group at the University of Extremadura.
It was in the context of this research that the first version of the theoretical model was published:
- M. Domínguez-Dorado, J. Carmona-Murillo, D. Cortés-Polo, and F. J. Rodríguez-Pérez, “CyberTOMP: A Novel Systematic Framework to Manage Asset-Focused Cybersecurity From Tactical and Operational Levels,” IEEE Access, vol. 10, pp. 122454–122485, Nov. 2022. DOI: 10.1109/ACCESS.2022.3223440.
Subsequent investigations (see the Research section), leveraging feedback provided by various public and private entities, by cybersecurity management professionals, and by the real-world practical application of the model, led to continuous improvements and extensions of the initial framework to achieve greater suitability for the real operational context of both private and, especially, public organizations.
This process gradually transformed the model, initially conceived as a more theoretical and academic construct, into a practical and action-oriented tool aimed at supporting real holistic cybersecurity management.
Today, the CyberTOMP® framework, along with its associated tools, continues to evolve within an open community under the stewardship of the GÍTACA research group. Its development is guided by both practical applicability and a theoretical foundation rooted in formal research, providing organizations that adopt it with the assurance that the underlying body of knowledge is fully aligned with their operational needs.