Increasing cyber threats require organizations to adopt measurable mechanisms for cybersecurity risk prioritization. The Cyber Security Maturity (CSM) framework issued by Badan Siber dan Sandi Negara is widely used to assess cybersecurity capability; however, its results remain descriptive and lack computational support for prioritization. This study proposes a cybersecurity risk prioritization model using Fuzzy Logic Tsukamoto, with maturity values from five CSM aspects as input variables. A total of 100 simulated datasets were generated using a rule-based scenario approach to represent diverse maturity conditions. Trapezoidal and triangular membership functions were applied, and the fuzzy rule base consisted of 15 rules based on the weakest-link principle. Results show that 88% of the data include at least one aspect in a transition zone and are consistently processed by the model. The output produces a distribution of 46% low, 44% medium, and 10% high risk within a 0–100 range, providing a structured, measurable, and reproducible prioritization approach.
Copyrights © 2026