Relevant bibliographies by topics / Cybersecurity maturity model

Contents

  1. Journal articles
  2. Dissertations / Theses
  3. Books
  4. Book chapters
  5. Conference papers
  6. Reports

Academic literature on the topic 'Cybersecurity maturity model'

Author: Grafiati
Published: 9 January 2025

Create a spot-on reference in APA, MLA, Chicago, Harvard, and other styles

Select a source type:

Consult the lists of relevant articles, books, theses, conference reports, and other scholarly sources on the topic 'Cybersecurity maturity model.'

Next to every source in the list of references, there is an 'Add to bibliography' button. Press on it, and we will generate automatically the bibliographic reference to the chosen work in the citation style you need: APA, MLA, Harvard, Chicago, Vancouver, etc.

You can also download the full text of the academic publication as pdf and read online its abstract whenever available in the metadata.

Journal articles on the topic "Cybersecurity maturity model"

1

Kour, Ravdeep, Ramin Karim, and Adithya Thaduri. "Cybersecurity for railways – A maturity model." Proceedings of the Institution of Mechanical Engineers, Part F: Journal of Rail and Rapid Transit 234, no. 10 (October 18, 2019): 1129–48. http://dx.doi.org/10.1177/0954409719881849.

Full text
Abstract:
With the advancements in and widespread adoption of information and communication technologies in infrastructures, cyber-attacks are becoming more frequent and more severe. Advanced cybersecurity threats with automated capabilities are increasing in such sectors as finance, health, grid, retail, government, telecommunications, transportation, etc. Cyber-attacks are also increasing in railways with an impact on railway stakeholders, e.g. threat to the safety of employees, passengers, or the public in general; loss of sensitive railway information; reputational damage; monetary loss; erroneous decisions; loss of dependability, etc. There is a need to move towards advanced security analytics and automation to identify, respond to, and prevent such security breaches. The objective of this research is to reduce cyber risks and vulnerabilities and to improve the cybersecurity capabilities of railways by evaluating their cybersecurity maturity levels and making recommendations for improvements. After assessing various cybersecurity maturity models, the Cybersecurity Capability Maturity Model (C2M2) was selected to assess the cybersecurity capabilities of railway organizations. The contributions of this research are as follows. First, a new maturity level MIL4 (Maturity Indicator Level 4) is introduced in the C2M2 model. Second, the C2M2 model is adapted by adding advanced security analytics and threat intelligence to develop the Railway-Cybersecurity Capability Maturity Model (R-C2M2). The cybersecurity maturity of three railway organizations is evaluated using this model. Third, recommendations and available standards & guidelines are provided to the three railway organizations to improve maturity levels within different domains. In addition, they are given an action plan to implement the recommendations in a streamlined way. The application of this model will allow railway organizations to improve their capability to reduce the impacts of cyber-attacks and eradicate vulnerabilities. The approach can also be extended to other infrastructures with necessary adaptations.
APA, Harvard, Vancouver, ISO, and other styles
2

Yigit Ozkan, Bilge, Sonny van Lingen, and Marco Spruit. "The Cybersecurity Focus Area Maturity (CYSFAM) Model." Journal of Cybersecurity and Privacy 1, no. 1 (February 13, 2021): 119–39. http://dx.doi.org/10.3390/jcp1010007.

Full text
Abstract:
The cost of recovery after a cybersecurity attack is likely to be high and may result in the loss of business at the extremes. Evaluating the acquired cybersecurity capabilities and evolving them to a desired state in consideration of risks are inevitable. This research proposes the CYberSecurity Focus Area Maturity (CYSFAM) Model for assessing cybersecurity capabilities. In this design science research, CYSFAM was evaluated at a large financial institution. From the many cybersecurity standards, 11 encompassing focus areas were identified. An assessment instrument—containing 144 questions—was developed. The in-depth single case study demonstrates how and to what extent cybersecurity related deficiencies can be identified. The novel scoring metric has been proven to be adequate, but can be further improved upon. The evaluation results show that the assessment questions suit the case study target audience; the assessment can be performed within four hours; the organization recognizes itself in the result.
APA, Harvard, Vancouver, ISO, and other styles
3

P, Dr Rachana. "Strategic Approaches to Cybersecurity Audits for Control Evaluation." INTERANTIONAL JOURNAL OF SCIENTIFIC RESEARCH IN ENGINEERING AND MANAGEMENT 08, no. 12 (December 24, 2024): 1–5. https://doi.org/10.55041/ijsrem40065.

Full text
Abstract:
This article presents an empirical study evaluating the effectiveness of the CyberSecurity Audit Model (CSAM 2.0) at a Canadian higher education institution. CSAM 2.0 is a comprehensive model used to assess cybersecurity assurance, maturity, and readiness in medium to large organizations and at the national level. It allows for the effective evaluation of security controls across various cybersecurity domains. The study highlights global best practices in cybersecurity audits, highlighting the lack of standardized guidelines and weaknesses in cybersecurity training programs. The paper details CSAM 2.0's structure and architecture, sharing results from three research scenarios: (1) a single audit focusing on awareness education, (2) audits in multiple domains such as governance, legal compliance, and incident management, and (3) a full audit covering all model domains. The study concludes that CSAM 2.0 offers valuable insights for improving cybersecurity practices and addressing vulnerabilities. Keywords: Cybersecurity, Cybersecurity Audits, Cybersecurity Audit Model, Cybersecurity Assurance, Cybersecurity Maturity, Control Evaluation, Risk Management, Incident Response, Cybersecurity Domains, Cybersecurity Training.
APA, Harvard, Vancouver, ISO, and other styles
4

Dotsenko, T. V., and M. V. Kuzmenko. "Maturity of the country's cybersecurity system in the conditions of war: assessment trends." Economic Bulletin of Dnipro University of Technology 87 (September 2024): 34–43. http://dx.doi.org/10.33271/ebdut/87.034.

Full text
Abstract:
Methods. The study used the following methods: an inductive approach to formulating the concept of maturity of the country's cybersecurity system in military conditions; a deductive method to derive the concept of assessing the maturity of the country's cybersecurity system during military operations; content analysis identified the key elements of assessing the maturity of the national cybersecurity system in military operations; strategic analysis identified the main vectors of assessing the problem under study, and the latest approaches to assessing the national cybersecurity system. Results. The latest trends in assessing the maturity of the country's cybersecurity system, taking into account the aspect of military conditions, are identified: the existing regulatory and legal framework at the international and national levels is indicated; the concept of maturity and assessment of the maturity of the country's cybersecurity system during military operations is formulated. The paper outlines the key elements of assessing the maturity of the national cybersecurity system in military operations: adaptability, interoperability, readiness, partnership, cyber reserves, vulnerabilities and threats, and training. The main vectors of assessment are identified: assessment of cyber threats, cyber attacks, infrastructure protection, interaction of cybersecurity actors, level of personnel training; the latest approaches to system assessment are noted. A scheme of future key challenges, trends, and recommendations for assessing the maturity of the national cybersecurity system in wartime has been formed. Novelty. The study of the specifics of assessing the maturity of the country's cybersecurity system identifies key elements, vectors, approaches, and methods for assessing the cyber defence system. Weaknesses and vulnerabilities, existing progress in the development of cyber defence of the system are identified, and the necessary activities to enhance the effectiveness of national security in times of war are identified. Practical value. The experience of previous achievements in the functioning of cybersecurity systems is summarised, the most effective practices and methods of cyber resilience are identified, recommendations for assessing the maturity of the national cybersecurity system in times of war are proposed, which will optimise existing and potential resources, and will help to create the preconditions for further development of the latest model of cyber defence assessment.
APA, Harvard, Vancouver, ISO, and other styles
5

Aliyu, Aliyu, Leandros Maglaras, Ying He, Iryna Yevseyeva, Eerke Boiten, Allan Cook, and Helge Janicke. "A Holistic Cybersecurity Maturity Assessment Framework for Higher Education Institutions in the United Kingdom." Applied Sciences 10, no. 10 (May 25, 2020): 3660. http://dx.doi.org/10.3390/app10103660.

Full text
Abstract:
As organisations are vulnerable to cyberattacks, their protection becomes a significant issue. Capability Maturity Models can enable organisations to benchmark current maturity levels against best practices. Although many maturity models have been already proposed in the literature, a need for models that integrate several regulations exists. This article presents a light, web-based model that can be used as a cybersecurity assessment tool for Higher Education Institutes (HEIs) of the United Kingdom. The novel Holistic Cybersecurity Maturity Assessment Framework incorporates all security regulations, privacy regulations, and best practices that HEIs must be compliant to, and can be used as a self assessment or a cybersecurity audit tool.
APA, Harvard, Vancouver, ISO, and other styles
6

Peliukh, O. I., M. V. Yesina, and D. Yu Holubnychyi. "CERT-UA assessment based on the CSIRT ENISA Maturity Model." Radiotekhnika, no. 213 (June 16, 2023): 41–48. http://dx.doi.org/10.30837/rt.2023.2.213.04.

Full text
Abstract:
Cybersecurity threats are steadily increasing in today's world, which is characterised by increased openness and integration into the global network. The proliferation of cyber incidents, including hacker attacks, confidential data leaks and information theft, is becoming an extremely pressing issue in this context. Accordingly, the eradication of these threats requires the development of effective methods of responding to cyber incidents. The central theme of this article is to consider the critical importance of assessing and improving the effectiveness of cyber incident response teams. The structure of such a team, including cybersecurity specialists, network engineers, analysts, etc., is aimed at identifying, analysing and overcoming threats in cyberspace. The key aspects of assessing such a team, like abilities, experience, communication skills and level of cooperation, are presented clearly through the prism of the updated ENISA CSIRT Maturity Model. The article uses the Computer Emergency Response Team in Ukraine (CERT-UA), a national team operating under the leadership of the State Service for Special Communications and Information Protection of Ukraine, to illustrate the methods of assessing a cyber incident response team. The assessment of the team, based on the ENISA CSIRT Maturity Model, points to key aspects that determine its effectiveness. The paper provides a clear view of the process of measuring cyber incident response teams through a systematic approach that identifies their strengths and weaknesses. The maturity analysis of the CERT-UA provides recommendations for further development of the team, which can be an important resource for academics, cybersecurity experts and government officials interested in improving the effectiveness of cyber threat response. It highlights the importance of assessing cyber incident response teams to ensure cybersecurity and information protection. Awareness of this issue contributes to continuous improvement and readiness to respond effectively to growing challenges in the modern digital environment.
APA, Harvard, Vancouver, ISO, and other styles
7

Abdullahi Garba, Adamu, Aliyu Musa Bade, Muktar Yahuza, and Ya’u Nuhu. "Cybersecurity capability maturity models review and application domain." International Journal of Engineering & Technology 9, no. 3 (September 2, 2020): 779. http://dx.doi.org/10.14419/ijet.v9i3.30719.

Full text
Abstract:
Cybersecurity is a way of protecting organization critical assets, through the identification of cyber threats that can compromise the information stored, it involves the protection, identification, and responding to threats. The main aim of this article is to conduct an ample review of the published cybersecurity capability maturity models using a systematic review of published articles from 2014 to 2019. Features of Hal- vorsen and Conradi’s taxonomy were adopted to explain the models identified. The results indicated adopting a model to a certain organization is not feasible. However, modification is required before implementation, as the cost of implementation is not available when conducting this research.
APA, Harvard, Vancouver, ISO, and other styles
8

Razikin, Khairur, and Agus Widodo. "General Cybersecurity Maturity Assessment Model: Best Practice to Achieve Payment Card Industry-Data Security Standard (PCI-DSS) Compliance." CommIT (Communication and Information Technology) Journal 15, no. 2 (August 31, 2021): 91–104. http://dx.doi.org/10.21512/commit.v15i2.6931.

Full text
Abstract:
The use of technology in the era of the Industrial Revolution 4.0 is essential, marked by the use of technology in the economy and business. This situation makes many companies in the payment sector have to improve their information technology security systems. In Indonesia, Bank Indonesia and the Financial Services Authority (Otoritas Jasa Keuangan - OJK) are agencies that provide operational permits for companies by making Payment Card Industry-Data Security Standard (PCI-DSS) certification as one of the requirements for companies to obtain operating permits. However, not all companies can easily get PCI-DSS certification because many companies still do not meet the PCI-DSS requirements. The research offers a methodology for measuring the level of technology and information maturity using general cybersecurity requirements adopted from the cybersecurity frameworks of CIS, NIST, and Cobit. Then, the research also performs qualitative calculations based on interviews, observations, and data surveys conducted on switching companies that have been able to implement and obtain certification. PCI-DSS to produce practical cybersecurity measures, in general, can be used as a measure of the maturity of technology and information security. The results and discussion provide a model assessment tool on the procedures and requirements needed to obtain PCI-DSS certification. The maturity level value of PT XYZ is 4.0667 at maturity level 4, namely quantitatively managed, approaching level 5 as the highest level at maturity level.
APA, Harvard, Vancouver, ISO, and other styles
9

Coleman, Joe. "The DOD's CMMC 2.0: What Heat Treaters Need to Know." AM&P Technical Articles 182, no. 2 (March 1, 2024): 37–39. http://dx.doi.org/10.31399/asm.amp.2024-02.p037.

Full text
Abstract:
Abstract Cybersecurity Maturity Model Certification (CMMC) 2.0 represents the most recent iteration of the US Department of Defense's cybersecurity regulations. The CMMC 2.0 framework was developed to improve the cybersecurity posture of defense contractors and their supply chain, including heat treaters. This article reviews key requirements and how DoD contractors can prepare for compliance.
APA, Harvard, Vancouver, ISO, and other styles
10

Abhilash Maroju, Srinivas A Vaddadi, Sravanthi Dontu, Rohith Vallabhaneni,. "An Empirical Paradigm on Cybersecurity Vulnerability Mitigation Framework." International Journal on Recent and Innovation Trends in Computing and Communication 11, no. 9s (August 31, 2023): 786–92. http://dx.doi.org/10.17762/ijritcc.v11i9s.9484.

Full text
Abstract:
Current cybersecurity vulnerability assessment tools were developed in accordance with guidelines established by entities like the National Institute of Standards and Technology (NIST) and the United States Department of Energy. When assessing their facility's cybersecurity maturity, owners and operators of critical infrastructure frequently use frameworks like the NIST Cybersecurity Framework (CSF) and the cybersecurity capability maturity model (C2M2). These frameworks are great at finding vulnerabilities and doing qualitative cybersecurity analysis, but they don't help you get to the level of cybersecurity maturity you want by letting you prioritise how you fix those flaws. Cyber dangers pose a significant risk to businesses and are becoming more pervasive in our everyday lives. In this way, businesses may devise a strategy and set of guidelines by simulating a breach attack. But these strategies are based on experts' tacit knowledge. In response to this problem, the authors of this study suggest an automated and formal process for creating prioritised action plans to enhance environmental transparency. An experiment proving the validity of the proposed method was conducted, yielding consistent and applicable results to the tested scenario. Through testing against a real-world cyberattack that targeted industrial control systems at a critical infrastructure facility, this article presents a thorough architecture of CyFEr and demonstrates its application to CSF.
APA, Harvard, Vancouver, ISO, and other styles
More sources

Dissertations / Theses on the topic "Cybersecurity maturity model"

1

Santos, Ricardo Meléndez, Anthony Aguilar Gallardo, and Jimmy Armas Aguirre. "Reference Model to Identify the Maturity Level of Cyber Threat Intelligence on the Dark Web." Repositorio Academico - UPC, 2021. http://hdl.handle.net/10757/653788.

Full text
Abstract:
El texto completo de este trabajo no está disponible en el Repositorio Académico UPC por restricciones de la casa editorial donde ha sido publicado.
In this article, we propose a reference model to identify the maturity level of the cyber intelligence threat process. This proposal considers the dark web as an important source of cyber threats causing a latent risk that organizations do not consider in their cybersecurity strategies. The proposed model aims to increase the maturity level of the process through a set of proposed controls according to the information found on the dark web. The model consists of three phases: (1) Identification of information assets using cyber threat intelligence tools. (2) Diagnosis of the exposure of information assets. (3) Proposal of controls according to the proposed categories and criteria. The validation of the proposal was carried out in an insurance institution in Lima, Peru, with data obtained by the institution. The measurement was made with artifacts that allowed to obtain an initial value of the current panorama of the company. Preliminary results showed 196 emails and passwords exposed on the dark web of which one corresponded to the technology manager of the company under evaluation. With this identification, it was diagnosed that the institution was at a “Normal” maturity level, and from the implementation of the proposed controls, the “Advanced” level was reached.
Revisión por pares
APA, Harvard, Vancouver, ISO, and other styles
2

Pérez, Navarro Henry Bryan, and Jara Humberto Luis Salcedo. "Modelo de madurez en ciberseguridad para empresas que manejan datos de salud." Bachelor's thesis, Universidad Peruana de Ciencias Aplicadas (UPC), 2021. http://hdl.handle.net/10757/655801.

Full text
Abstract:
El avance de la digitalización en distintas industrias trae consigo nuevos riesgos potenciales. Aquellas que pertenecen al sector salud se encuentran entre las que mayores riesgos deben enfrentar. La privacidad de los datos en el sector salud se encuentra regulada y las multas por el incumplimiento de normativas pueden afectar a las compañías, ya que esto indica que ponen en peligro los datos personales de sus clientes. Por ello, las industrias que pertenecen a este sector, necesitan una herramienta que facilite la identificación de capacidades en Ciberseguridad, Privacidad y gestión de datos de salud para cumplir con las normativas vigentes, y reducir los riesgos que comprometan la confidencialidad, integridad y accesibilidad de los datos. En este trabajo se propone un modelo de madurez de capacidades que identifica el grado de fiabilidad de los elementos de Ciberseguridad y Privacidad aplicados al Sector Salud. Esto se realizó mediante la selección de modelos, frameworks y normativas, aumentando su complejidad mediante la integración de capacidades de privacidad y gestión de datos de salud. El modelo se validó en una empresa del sector salud con una herramienta de diagnóstico y se observaron los resultados. Los resultados obtenidos se compararon con los componentes originales del modelo para verificar que los componentes se integraron holísticamente. Además, se entregó un formulario de evaluación del modelo a la empresa cliente para comprobar el nivel de satisfacción con respecto al uso del modelo y sus componentes.
The advancement of digitalization in different sectors brings along with it new potential risks. One of the sectors that have to confront said risks is the health sector. Data privacy in the health sector is heavily regulated and fines for non-compliance can affect the companies since it implies putting the client’s personal data at risk. Because of this, businesses belonging to the health sector need a tool to help with the identification of capabilities in Cybersecurity, Privacy and Health data management to achieve compliance with the current norms and reduce risks that might compromise the Confidentiality, Integrity and Availability of data This work proposes a capability maturity model that can identify the reliability of Cybersecurity and Privacy elements applied to the Health Sector. This was achieved through the use of models, frameworks and norms; allowing us to increase their complexity through the integration of privacy and health information management capacities. The model was validated by using a diagnosis tool in a health sector business and observing the results. The obtained results were compared with the original components of the model to verify the holistic integration of said components. We also used a model evaluation form to measure the satisfaction level of the business regarding the use of the model and its components.
Tesis
APA, Harvard, Vancouver, ISO, and other styles
3

Aguilar, Gallardo Anthony Josue, and Santos Ricardo Alfonso Meléndez. "Modelo de referencia para identificar el nivel de madurez de ciberinteligencia de amenazas en la dark web." Bachelor's thesis, Universidad Peruana de Ciencias Aplicadas (UPC), 2020. http://hdl.handle.net/10757/653512.

Full text
Abstract:
La web oscura es una zona propicia para actividades ilegales de todo tipo. En los últimos tiempos los cibercriminales están cambiando su enfoque hacia el tráfico de informacion (personal o corporativa) porque los riesgos son mucho más bajos en comparación con otros tipos de delito. Hay una gran cantidad de información alojada aquí, pero pocas compañías saben cómo acceder a estos datos, evaluarlos y minimizar el daño que puedan causar. El presente trabajo propone un modelo de referencia para identificar el nivel de madurez del proceso de Ciber Inteligencia de Amenazas. Esta propuesta considera la información comprometida en la web oscura, originando un riesgo latente que las organizaciones no consideran en sus estrategias de ciberseguridad. El modelo propuesto tiene como objetivo aumentar el nivel de madurez del proceso mediante un conjunto de controles propuestos de acuerdo a los hallazgos encontrados en la web oscura. El modelo consta de 3 fases:1. Identificación de los activos de información mediante herramientas de Ciber inteligencia de amenazas. 2. Diagnóstico de la exposición de los activos de información. 3. Propuesta de controles según las categorías y criterios propuestos. La validación de la propuesta se realizó en una institución de seguros en Lima, Perú con datos obtenidos por la institución. Los resultados preliminares mostraron 196 correos electrónicos y contraseñas expuestos en la web oscura de los cuales 1 correspondía al Gerente de Tecnología. Con esta identificación, se diagnosticó que la institución se encontraba en un nivel de madurez “Normal”, y a partir de la implementación de los controles propuestos se llegó al nivel “Avanzado”.
The dark web is an area conducive to illegal activities of all kinds. In recent times, cybercriminals are changing their approach towards information trafficking (personal or corporate) because the risks are much lower compared to other types of crime. There is a wealth of information hosted here, but few companies know how to access this data, evaluate it, and minimize the damage it can cause. In this work, we propose a reference model to identify the maturity level of the Cyber ​​Intelligence Threat process. This proposal considers the dark web as an important source of cyber threats causing a latent risk that organizations do not consider in their cybersecurity strategies. The proposed model aims to increase the maturity level of the process through a set of proposed controls according to the information found on the dark web. The model consists of 3 phases: 1. Identification of information assets using cyber threat intelligence tools. 2. Diagnosis of the exposure of information assets. 3. Proposal of controls according to the proposed categories and criteria. The validation of the proposal was carried out in an insurance institution in Lima, Peru with data obtained by the institution. Preliminary results showed 196 emails and passwords exposed on the dark web of which 1 corresponded to the Technology Manager of the company under evaluation. With this identification, it was diagnosed that the institution was at a “Normal” maturity level, and from the implementation of the proposed controls the “Advanced” level was reached.
Tesis
APA, Harvard, Vancouver, ISO, and other styles

Books on the topic "Cybersecurity maturity model"

1

Cybersecurity Maturity Model Certification (CMMC) - a Pocket Guide. IT Governance Ltd, 2020.

Find full text
APA, Harvard, Vancouver, ISO, and other styles
2

Voice), Maxwell (Male Synthesized. Cybersecurity Maturity Model Certification (CMMC) - a Pocket Guide. de Gruyter GmbH, Walter, 2020.

Find full text
APA, Harvard, Vancouver, ISO, and other styles
3

MARK A RUSSO CISSP-ISSAP CISO. Cybersecurity Maturity Model Certification ~ 2ND EDITION: CUI Classification, Marking, and Storage Guide. Independently Published, 2019.

Find full text
APA, Harvard, Vancouver, ISO, and other styles
4

MARK A RUSSO CISSP-ISSAP CISO. Cybersecurity Maturity Model Certification : Levels 1-3 Manual: Detailed Security Control Implementation Guidance. Independently Published, 2019.

Find full text
APA, Harvard, Vancouver, ISO, and other styles
5

Government, U. S., and Department of Homeland Security. Best Practices for Planning a Cybersecurity Workforce and the National Initiative for Cybersecurity Education (NICE) Cybersecurity Capability Maturity Model - Benefits of Workforce Planning. Independently Published, 2018.

Find full text
APA, Harvard, Vancouver, ISO, and other styles
6

Cybersecurity Maturity Model Certification Handbook: A Complete Guide for Preparing for Levels 1-3 CMMC Certification. Repose Reading, 2021.

Find full text
APA, Harvard, Vancouver, ISO, and other styles
7

Cybersecurity Maturity Model Certification CMMC 2. 0 Assessment Handbook: An Implementation and Self-Assessment Guide for CUI, NIST SP 800-171, and CMMC 2. 0. Independently Published, 2022.

Find full text
APA, Harvard, Vancouver, ISO, and other styles

Book chapters on the topic "Cybersecurity maturity model"

1

Donalds, Charlette, Corlane Barclay, and Kweku-Muata Osei-Bryson. "The Cybersecurity Capability Maturity Model for Sustainable Security Advantage." In Cybercrime and Cybersecurity in the Global South, 175–90. Boca Raton: Routledge, 2022. http://dx.doi.org/10.1201/9781003028710-12.

Full text
APA, Harvard, Vancouver, ISO, and other styles
2

Kreppein, Alexander, Alexander Kies, and Robert H. Schmitt. "Novel Maturity Model for Cybersecurity Evaluation in Industry 4.0." In Communications in Computer and Information Science, 198–210. Singapore: Springer Singapore, 2021. http://dx.doi.org/10.1007/978-981-16-8059-5_12.

Full text
APA, Harvard, Vancouver, ISO, and other styles
3

Yigit Ozkan, Bilge, and Marco Spruit. "A Questionnaire Model for Cybersecurity Maturity Assessment of Critical Infrastructures." In Lecture Notes in Computer Science, 49–60. Cham: Springer International Publishing, 2019. http://dx.doi.org/10.1007/978-3-030-12085-6_5.

Full text
APA, Harvard, Vancouver, ISO, and other styles
4

Gao, Zimeng, Fei Xing, and Guochao Peng. "Research on the Capability Maturity Model of Data Security in the Era of Digital Transformation." In HCI for Cybersecurity, Privacy and Trust, 151–62. Cham: Springer Nature Switzerland, 2023. http://dx.doi.org/10.1007/978-3-031-35822-7_11.

Full text
APA, Harvard, Vancouver, ISO, and other styles
5

Baninemeh, Elena, Harold Toomey, Katsiaryna Labunets, Gerard Wagenaar, and Slinger Jansen. "An Evaluation of the Product Security Maturity Model Through Case Studies at 15 Software Producing Organizations." In Lecture Notes in Business Information Processing, 327–43. Cham: Springer Nature Switzerland, 2024. http://dx.doi.org/10.1007/978-3-031-53227-6_23.

Full text
Abstract:
AbstractCybersecurity is becoming increasingly important from a software business perspective. The software that is produced and sold generally becomes part of a complex landscape of customer applications and enlarges the risk that customer organizations take. Increasingly, software producing organizations are realizing that they are on the front lines of the cybersecurity battles. Maintaining security in a software product and software production process directly influences the livelihood of a software business. There are many models for evaluating security of software products. The product security maturity model is commonly used in the industry but has not received academic recognition. In this paper we report on the evaluation of the product security maturity model on usefulness, applicability, and effectiveness. The evaluation has been performed through 15 case studies. We find that the model, though rudimentary, serves medium to large organizations well and that the model is not so applicable within smaller organizations.
APA, Harvard, Vancouver, ISO, and other styles
6

Ahouanmenou, Steve. "Towards a Cybersecurity Maturity Model Specific for the Healthcare Sector: Focus on Hospitals." In Research Challenges in Information Science, 141–48. Cham: Springer Nature Switzerland, 2024. http://dx.doi.org/10.1007/978-3-031-59468-7_16.

Full text
APA, Harvard, Vancouver, ISO, and other styles
7

Kendzierskyj, Stefan, Hamid Jahankhani, Arshad Jamal, Osama Hussien, and Longzhi Yang. "The Role of Blockchain with a Cybersecurity Maturity Model in the Governance of Higher Education Supply Chains." In Advanced Sciences and Technologies for Security Applications, 1–35. Cham: Springer Nature Switzerland, 2023. http://dx.doi.org/10.1007/978-3-031-33627-0_1.

Full text
APA, Harvard, Vancouver, ISO, and other styles
8

Acosta, Mauricio Alexander Nieto, and Hamid Jahankhani. "An Empirical Study into Ransomware Campaigns Against the Education Sector and Adopting the Cybersecurity Maturity Model Certification Framework." In Advanced Sciences and Technologies for Security Applications, 67–103. Cham: Springer Nature Switzerland, 2023. http://dx.doi.org/10.1007/978-3-031-33627-0_4.

Full text
APA, Harvard, Vancouver, ISO, and other styles
9

Buzdugan, Aurelian, and Gheorghe Căpățână. "The Trends in Cybersecurity Maturity Models." In Education, Research and Business Technologies, 217–28. Singapore: Springer Nature Singapore, 2023. http://dx.doi.org/10.1007/978-981-19-6755-9_18.

Full text
APA, Harvard, Vancouver, ISO, and other styles
10

Möller, Dietmar P. F. "Cybersecurity Maturity Models and SWOT Analysis." In Advances in Information Security, 305–46. Cham: Springer Nature Switzerland, 2023. http://dx.doi.org/10.1007/978-3-031-26845-8_7.

Full text
APA, Harvard, Vancouver, ISO, and other styles

Conference papers on the topic "Cybersecurity maturity model"

1

Cobos, Salvador, Armando Garayar, and David Mauricio. "Cybersecurity Maturity Model Against Ransomware Attacks for the Financial Sector." In 2024 IEEE ANDESCON, 1–6. IEEE, 2024. http://dx.doi.org/10.1109/andescon61840.2024.10755867.

Full text
APA, Harvard, Vancouver, ISO, and other styles
2

Gourisetti, Sri Nikhil Gupta, Scott Mix, Michael Mylrea, Christopher Bonebrake, and Md Touhiduzzaman. "Secure Design and Development Cybersecurity Capability Maturity Model (SD2-C2M2)." In NCS '19: Northwest Cybersecurity Symposium. New York, NY, USA: ACM, 2019. http://dx.doi.org/10.1145/3332448.3332461.

Full text
APA, Harvard, Vancouver, ISO, and other styles
3

Bhattacharya, Souradeep, Burhan Hyder, and Manimaran Govindarasu. "ICS-CTM2: Industrial Control System Cybersecurity Testbed Maturity Model." In 2022 Resilience Week (RWS). IEEE, 2022. http://dx.doi.org/10.1109/rws55399.2022.9984023.

Full text
APA, Harvard, Vancouver, ISO, and other styles
4

Azambuja, Antonio João, and João Souza Neto. "Modelo de maturidade de segurança cibernética para os órgãos da Administração Pública Federal." In II Workshop de Segurança Cibernética em Dispositivos Conectados. Sociedade Brasileira de Computação - SBC, 2019. http://dx.doi.org/10.5753/wscdc.2019.7707.

Full text
Abstract:
This paper presents a Cybersecurity maturity model for the agencies of the Brazilian Federal Public Administration. Qualitative research was conducted to analyze Cybersecurity maturity models found in the literature, which served as ground to develop the proposed model. To analyze, understand and construe the qualitative material, we used content analysis and an online questionnaire as technical procedures. The content analysis was divided into pre-analysis, material exploration and handling of results which allowed setting the domains of the proposed model. The model was applied through an online questionnaire to some agencies of the Brazilian Federal Public Administration. The results evidenced that, in general, the agencies surveyed have low maturity in Cybersecurity.
APA, Harvard, Vancouver, ISO, and other styles
5

Rojas, Aaron Joseph Serrano, Erick Fabrizzio Paniura Valencia, Jimmy Armas-Aguirre, and Juan Manuel Madrid Molina. "Cybersecurity maturity model for the protection and privacy of personal health data." In 2022 IEEE 2nd International Conference on Advanced Learning Technologies on Education & Research (ICALTER). IEEE, 2022. http://dx.doi.org/10.1109/icalter57193.2022.9964729.

Full text
APA, Harvard, Vancouver, ISO, and other styles
6

Alayo, Jorge Gutierrez, Paul Necochea Mendoza, Jimmy Armas-Aguirre, and Juan Madrid Molina. "Cybersecurity maturity model for providing services in the financial sector in Peru." In 2021 Congreso Internacional de Innovación y Tendencias en Ingeniería (CONIITI). IEEE, 2021. http://dx.doi.org/10.1109/coniiti53815.2021.9619733.

Full text
APA, Harvard, Vancouver, ISO, and other styles
7

Arenas, Ethan, Juan Palomino, and Juan-Pablo Mansilla. "Cybersecurity Maturity Model to Prevent Cyberattacks on Web Applications Based on ISO 27032 and NIST." In 2023 IEEE XXX International Conference on Electronics, Electrical Engineering and Computing (INTERCON). IEEE, 2023. http://dx.doi.org/10.1109/intercon59652.2023.10326028.

Full text
APA, Harvard, Vancouver, ISO, and other styles
8

Barclay, Corlane. "Sustainable security advantage in a changing environment: The Cybersecurity Capability Maturity Model (CM2)." In 2014 ITU Kaleidoscope: Living in a Converged World - Impossible without Standards? (K-2014). IEEE, 2014. http://dx.doi.org/10.1109/kaleidoscope.2014.6858466.

Full text
APA, Harvard, Vancouver, ISO, and other styles
9

Kioskli, Kitty, Spyridon Papastergiou, Theofanis Fotis, Stefano Silvestri, and Haralambos Mouratidis. "A Self-Organized Swarm Intelligence Solution for Healthcare ICT Security." In 15th International Conference on Applied Human Factors and Ergonomics (AHFE 2024). AHFE International, 2024. http://dx.doi.org/10.54941/ahfe1004780.

Full text
Abstract:
The healthcare sector has undergone significant transformation in recent years, driven by the adoption of advanced medical technologies like IoT, Cloud Computing, and Big Data. This evolution began with the integration of electronic health records and has expanded to encompass a wide range of digital tools, from medical apps to wearables. These technological advancements have played a crucial role in enhancing patient experiences and outcomes. As healthcare technology has become increasingly interconnected, both physically and in the cyber realm, it has evolved into vast Health Care Information Infrastructures (HCIIs). These HCIIs are of paramount importance due to their critical role in people's well-being and safety. Any disruption, whether through direct actions like medical errors, or indirect actions such as altering patient records can have severe consequences for patient health. Currently, HCIIs are vulnerable because they often rely on isolated cybersecurity products. There is a pressing need to establish a comprehensive security strategy that can coordinate various security components to detect system vulnerabilities and sophisticated attacks. To address this complex challenge, it is essential to break down cybersecurity concerns in the healthcare sector based on the criticality of their assets. Prioritizing emerging solutions in this manner will help mitigate the complexity of the problem. Cyberattacks on the healthcare sector have become increasingly sophisticated and involve not only technical vulnerabilities but also social engineering tactics that exploit individuals with limited technical knowledge. European health and cybersecurity experts must collaborate to develop policies and standards that elevate security maturity throughout the EU. Ultimately, cybersecurity solutions in healthcare should not only enhance security but also have a positive business impact, enabling new services, collaborations, and market opportunities. The proposed solution in this study, represents a state-of-the-art approach to enhancing cybersecurity within HCIIs. It improves the detection and analysis of cyber threats and increases awareness of privacy and security risks in the digital healthcare ecosystem. By providing a Dynamic Situational Awareness Framework, the solution empowers stakeholders in the healthcare sector to recognize, model, and respond to cyber risks, including advanced persistent threats and daily cybersecurity incidents. Additionally, it facilitates the secure exchange of incident-related information aiming to strengthen the security and resilience of modern digital healthcare systems and the associated medical supply chain services. The proposed solution extends the frontiers of various research fields, including security engineering, privacy engineering, and artificial intelligence. Drawing inspiration from biological swarm formations, it brings together these disciplines to empower stakeholders in digital healthcare ecosystems. This leads to the creation of a highly interconnected and advanced intelligence system, comprised of simple nodes or groups of nodes, enabling local interactions and management of healthcare environments. By employing bio-inspired techniques and large-group decision-making models, the framework enhances communication and coordination in complex, distributed networks typical of interconnected healthcare infrastructures. It prioritizes scalability and fault-tolerance, allowing coordinated actions without a central coordinator. This approach streamlines investigation activities within healthcare ecosystems, fostering dynamic intelligence and collective decision-making, even when individual nodes lack a complete view of the situation.
APA, Harvard, Vancouver, ISO, and other styles
10

Rea-Guaman, A. M., I. D. Sanchez-Garcia, T. San Feliu, and J. A. Calvo-Manzano. "Maturity models in cybersecurity: A systematic review." In 2017 12th Iberian Conference on Information Systems and Technologies (CISTI). IEEE, 2017. http://dx.doi.org/10.23919/cisti.2017.7975865.

Full text
APA, Harvard, Vancouver, ISO, and other styles

Reports on the topic "Cybersecurity maturity model"

1

Lewis, James Andrew. Advanced Experiences in Cybersecurity Policies and Practices: An Overview of Estonia, Israel, South Korea, and the United States. Inter-American Development Bank, July 2016. http://dx.doi.org/10.18235/0007970.

Full text
Abstract:
Access to the Internet increases productivity, national income, and employment. Access to information catalyzes growth. However, these opportunities come with risk. Digital technologies are not mature and can be easily exploited by criminals and other antagonists. This discussion paper looks at the experience of four countries -Estonia, Israel, South Korea, and the United States- that are among the most advanced in cybersecurity, to see how they have tackled this problem and what lessons can be learned from their experiences. To provide a structured assessment, CSIS, under the leadership of James A. Lewis, has based this review on the Cybersecurity Capability Maturity Model (CMM), originally applied in the 2016 Cybersecurity Report: Are We Ready in Latin America and the Caribbean? The CMM approaches cybersecurity through five dimensions of capacity and evaluates them along five stages of maturity for each of its 49 indicators. This document will complement the 2016 Cybersecurity Report by providing an overview of the experiences of these leading countries, describing how they have approached the problem of cybersecurity and how their policies have evolved. It serves as a useful guide to other countries as they develop their own national approaches to cybersecurity.
APA, Harvard, Vancouver, ISO, and other styles
2

Georgiev, Venelin. Comparative Analysis of Models for Assessing the Maturity of Cybersecurity Capabilities. Procon, 2021. http://dx.doi.org/10.11610/it4sec.0138.

Full text
APA, Harvard, Vancouver, ISO, and other styles
3

Cybersecurity: Are We Ready in Latin America and the Caribbean? Inter-American Development Bank, March 2016. http://dx.doi.org/10.18235/0006517.

Full text
Abstract:
The manner in which nation states and regions address cybersecurity capacity is essential for effective, efficient, and sustainable cybersecurity. The 2016 Cybersecurity Report is the result of the collaboration between the Inter-American Development Bank (IDB), the Organization of American States (OAS), and the Global Cyber Security Capacity Centre (GCSCC) at the University of Oxford. The report presents a complete picture and update on the status of cybersecurity (risks, challenges, and opportunities) of Latin America and the Caribbean countries. The first section consists of a series of essays on cybersecurity trends in the region contributed by internationally recognized experts in the field. The second examines the "cyber maturity" of each country through the Cybersecurity Capability Maturity Model (CMM), which approaches cybersecurity considerations through five dimensions of capacity and evaluates them along five maturity stages for each of its 49 indicators. The CMM is the first of its kind in terms of the breadth and depth in each aspect of cybersecurity capacity. It is built on a foundation of multi-stakeholder consultation and respect for human rights, carefully balancing the need for security to enable economic growth and sustainability while respecting the right of freedom of expression and the right to privacy.
APA, Harvard, Vancouver, ISO, and other styles
You might also be interested in the extended bibliographies on the topic 'Cybersecurity maturity model' for particular source types:
Journal articles
We offer discounts on all premium plans for authors whose works are included in thematic literature selections. Contact us to get a unique promo code!

To the bibliography