Bibliografie tematiche / Cybersecurity Maturity Model Certification

Letteratura scientifica selezionata sul tema "Cybersecurity Maturity Model Certification"

Autore: Grafiati

Pubblicato: 26 luglio 2024

Ultima modifica: 27 luglio 2024

Cita una fonte nei formati APA, MLA, Chicago, Harvard e in molti altri stili

Scegli il tipo di fonte:

Consulta la lista di attuali articoli, libri, tesi, atti di convegni e altre fonti scientifiche attinenti al tema "Cybersecurity Maturity Model Certification".

Accanto a ogni fonte nell'elenco di riferimenti c'è un pulsante "Aggiungi alla bibliografia". Premilo e genereremo automaticamente la citazione bibliografica dell'opera scelta nello stile citazionale di cui hai bisogno: APA, MLA, Harvard, Chicago, Vancouver ecc.

Puoi anche scaricare il testo completo della pubblicazione scientifica nel formato .pdf e leggere online l'abstract (il sommario) dell'opera se è presente nei metadati.

Articoli di riviste sul tema "Cybersecurity Maturity Model Certification"

Razikin, Khairur, e Agus Widodo. "General Cybersecurity Maturity Assessment Model: Best Practice to Achieve Payment Card Industry-Data Security Standard (PCI-DSS) Compliance". CommIT (Communication and Information Technology) Journal 15, n. 2 (31 agosto 2021): 91–104. http://dx.doi.org/10.21512/commit.v15i2.6931.

Testo completo

Abstract (sommario):

The use of technology in the era of the Industrial Revolution 4.0 is essential, marked by the use of technology in the economy and business. This situation makes many companies in the payment sector have to improve their information technology security systems. In Indonesia, Bank Indonesia and the Financial Services Authority (Otoritas Jasa Keuangan - OJK) are agencies that provide operational permits for companies by making Payment Card Industry-Data Security Standard (PCI-DSS) certification as one of the requirements for companies to obtain operating permits. However, not all companies can easily get PCI-DSS certification because many companies still do not meet the PCI-DSS requirements. The research offers a methodology for measuring the level of technology and information maturity using general cybersecurity requirements adopted from the cybersecurity frameworks of CIS, NIST, and Cobit. Then, the research also performs qualitative calculations based on interviews, observations, and data surveys conducted on switching companies that have been able to implement and obtain certification. PCI-DSS to produce practical cybersecurity measures, in general, can be used as a measure of the maturity of technology and information security. The results and discussion provide a model assessment tool on the procedures and requirements needed to obtain PCI-DSS certification. The maturity level value of PT XYZ is 4.0667 at maturity level 4, namely quantitatively managed, approaching level 5 as the highest level at maturity level.

Gli stili APA, Harvard, Vancouver, ISO e altri

Coleman, Joe. "The DOD's CMMC 2.0: What Heat Treaters Need to Know". AM&P Technical Articles 182, n. 2 (1 marzo 2024): 37–39. http://dx.doi.org/10.31399/asm.amp.2024-02.p037.

Testo completo

Abstract (sommario):

Abstract Cybersecurity Maturity Model Certification (CMMC) 2.0 represents the most recent iteration of the US Department of Defense's cybersecurity regulations. The CMMC 2.0 framework was developed to improve the cybersecurity posture of defense contractors and their supply chain, including heat treaters. This article reviews key requirements and how DoD contractors can prepare for compliance.

Gli stili APA, Harvard, Vancouver, ISO e altri

Fleming, Courtney, Mark Reith e Wayne Henry. "Securing Commercial Satellites for Military Operations: A Cybersecurity Supply Chain Framework". International Conference on Cyber Warfare and Security 18, n. 1 (28 febbraio 2023): 85–92. http://dx.doi.org/10.34190/iccws.18.1.1062.

Testo completo

Abstract (sommario):

The increased reliance on commercial satellites for military operations has made it essential for the Department of Defense (DoD) to adopt a supply chain framework to address cybersecurity threats in space. This paper presents a satellite supply chain framework, the Cybersecurity Supply Chain (CSSC) Framework, for the DoD in the evaluation and selection of commercial satellite contracts. The proposed strategy is informed by research on cybersecurity threats to commercial satellites, national security concerns, current DoD policy, and previous cybersecurity frameworks. This paper aims to provide a comprehensive approach for safeguarding commercial satellites used by the DoD and ensuring the security of their supporting components. Inspired by the National Institute of Standards and Technology (NIST) 800-171 requirements and the DoD’s future Cybersecurity Maturity Model Certification (CMMC) process, the two-part framework significantly streamlines the NIST requirements to accommodate small businesses. It also extends key NIST requirements to commercial-off-the-shelf (COTS) suppliers. The CSSC Framework complements the CMMC certification process by addressing the need for cybersecurity requirements for all subcontractors supporting a commercial space asset. The framework incorporates a scoring process similar to CMMC scoring, granting points to a subcontractor for meeting the cybersecurity requirements outlined by the framework. In addition, the framework creates a space architecture overview that details the overall bid score and establishes a matrix based on individual requirements. This model and matrix allow DoD acquisition personnel to closely analyze each contract bid, comparing the subcontractor's strengths and weaknesses to other bidders. The CSSC Framework will allow the DoD to apply NIST standards to subcontractors who do not meet the requirements for CMMC certification.

Gli stili APA, Harvard, Vancouver, ISO e altri

Levy, Yair, e Ruti Gafni. "Towards the quantification of cybersecurity footprint for SMBs using the CMMC 2.0". Online Journal of Applied Knowledge Management 10, n. 1 (6 settembre 2022): 43–61. http://dx.doi.org/10.36965/ojakm.2022.10(1)43-61.

Testo completo

Abstract (sommario):

Organizations, small and big, are faced with major cybersecurity challenges over the past several decades, as the proliferation of information systems and mobile devices expand. While larger organizations invest significant efforts in developing approaches to deal with cybersecurity incidents, Small and Medium Businesses (SMBs) are still struggling with ways to both keep their businesses alive and secure their systems to the best of their abilities. When it comes to critical systems, such as defense industries, the interconnectivities of organizations in the supply-chain have demonstrated to be problematic given the depth required to provide a high-level cybersecurity posture. The United States (U.S.) Department of Defense (DoD) with the partnership of the Defense Industry Base (DIB) have developed the Cybersecurity Maturity Model Certification (CMMC) in 2020 with a third-party mandate for Level 1 certification. Following an outcry from many DIB organizations, a newly revised CMMC 2.0 was introduced in late 2021 where Level 1 (Fundamental) was adjusted for annual self-assessment. CMMC 2.0 provides the 17 practices that organizations should self-assess. While these 17 practices provide initial guidance for assessment, the specific level of measurement and how it impacts their overall cybersecurity posture is vague. Specifically, many of these practices use non-quantifiable terms such as “limit”, “verify”, “control”, “identify”, etc. The focus of this work is to provide SMBs with a quantifiable method to self-assess their Cybersecurity Footprint following the CMMC 2.0 Level 1 practices. This paper outlines the foundational literature work conducted in support of the proposed quantification Cybersecurity Footprint Index (CFI) using 26 elements that correspond to the relevant CMMC 2.0 Level 1 practices.

Gli stili APA, Harvard, Vancouver, ISO e altri

Tsvilii, Olena. "Cybersecurity regulation: cybersecurity certification of operational technologies". Technology audit and production reserves 1, n. 2(57) (28 febbraio 2021): 54–60. http://dx.doi.org/10.15587/2706-5448.2021.225271.

Testo completo

Abstract (sommario):

The object of research is the system and schemes of conformity assessment (certification) of cybersecurity of operational technologies (OT), as a set of rules and procedures that describe the objects of certification, determine the specified requirements and provide a methodology for certification. The terminological base and conceptual apparatus of the study of cybersecurity certification of operational technologies are based on the international standard ISO 17000:2020 Conformity assessment – Vocabulary and general principles. Cybersecurity certification systems and schemes are based on assessment standards, the choice and application of which is not unambiguous and historically has many interpretations and application mechanisms. These standards consist of tools, policies, security concepts, security assurances, guidelines, risk management approaches, best practices, safeguards, and technologies. But they have, to one degree or another, a significant drawback – the complexity of transforming the results of information security assessment according to these standards into security guarantees with any wide international recognition. In the context of globalization, this significantly degrades the cybersecurity quality. The main hypothesis of research is that the cybersecurity quality can be improved by converging towards a common methodology that is based on agreed international standards and international best practice for certification. The question of the key role of cybersecurity for operational technologies, which become the basis for Economy 4.0 and are now considered as a new frontier of cybersecurity, is considered. The need to create a system and schemes for certification of OT cybersecurity based on international and European certification principles is shown. A hierarchical model of cybersecurity certification system assessment standards and a hierarchical model of agreements on mutual recognition of cybersecurity certificates have been developed, which will allow a systematic approach to the creation of a system and schemes for OT cybersecurity certification. This provides an opportunity for developers of systems and certification schemes to form OT cybersecurity certification systems based on the principles of wide cross-border recognition of OT cybersecurity certificates.

Gli stili APA, Harvard, Vancouver, ISO e altri

Tsvilii, Olena. "SYSTEM OF CERTIFICATION OF CYBERSECURITY OF INFORMATION AND COMMUNICATIONS TECHNOLOGIES". Proceedings of the O.S. Popov ОNAT 1, n. 2 (31 dicembre 2020): 121–34. http://dx.doi.org/10.33243/2518-7139-2020-1-2-121-134.

Testo completo

Abstract (sommario):

Cybersecurity of information and communication technologies (hereinafter - ICT) is a key issue for maintaining the functioning and security of the digital economy and public administration in the soon. An important role in the field of cybersecurity is played by the conformity assessment (certification) of cybersecurity. This may apply to the cybersecurity of ICT components, products, equipment, services and processes, to the cybersecurity of cloud services, to the cybersecurity of technological processes, to personal competence in the field of cybersecurity, and so on. Cybersecurity certification rules, procedures, and management establish a certification scheme, and a set of rules and procedures for managing similar or related conformity assessment schemes form a certification system. Creating cybersecurity certification schemes is a priority and relevant today. There are now a number of systems and assessment standards that can be applied to cybersecurity certification, but they do not ensure mutual recognition of test laboratory test and evaluation procedures and results, and the pursuit of harmonized and comparable cybersecurity assessment and implementation procedures. This situation is a global problem. Accordingly, the current legislation of Ukraine in the field of cybersecurity sets tasks for the application of the best international and European principles of conformity assessment of information and cybersecurity. The creation of cybersecurity certification systems and schemes based on international and European principles of conformity assessment requires appropriate scientific and methodological support. The article proposes a hierarchical model of assessment standards for the cybersecurity certification system and a hierarchical model of agreements on mutual recognition of cybersecurity certificates. Also, in the article, based on these models, the basics of the Cyber Security Certification System and Cyber Security Certification Schemes for ICT products and cloud services are proposed, with an emphasis on such elements as: assessment standards; accreditation of certification bodies; mutual recognition of certification results

Gli stili APA, Harvard, Vancouver, ISO e altri

Kour, Ravdeep, Ramin Karim e Adithya Thaduri. "Cybersecurity for railways – A maturity model". Proceedings of the Institution of Mechanical Engineers, Part F: Journal of Rail and Rapid Transit 234, n. 10 (18 ottobre 2019): 1129–48. http://dx.doi.org/10.1177/0954409719881849.

Testo completo

Abstract (sommario):

With the advancements in and widespread adoption of information and communication technologies in infrastructures, cyber-attacks are becoming more frequent and more severe. Advanced cybersecurity threats with automated capabilities are increasing in such sectors as finance, health, grid, retail, government, telecommunications, transportation, etc. Cyber-attacks are also increasing in railways with an impact on railway stakeholders, e.g. threat to the safety of employees, passengers, or the public in general; loss of sensitive railway information; reputational damage; monetary loss; erroneous decisions; loss of dependability, etc. There is a need to move towards advanced security analytics and automation to identify, respond to, and prevent such security breaches. The objective of this research is to reduce cyber risks and vulnerabilities and to improve the cybersecurity capabilities of railways by evaluating their cybersecurity maturity levels and making recommendations for improvements. After assessing various cybersecurity maturity models, the Cybersecurity Capability Maturity Model (C2M2) was selected to assess the cybersecurity capabilities of railway organizations. The contributions of this research are as follows. First, a new maturity level MIL4 (Maturity Indicator Level 4) is introduced in the C2M2 model. Second, the C2M2 model is adapted by adding advanced security analytics and threat intelligence to develop the Railway-Cybersecurity Capability Maturity Model (R-C2M2). The cybersecurity maturity of three railway organizations is evaluated using this model. Third, recommendations and available standards & guidelines are provided to the three railway organizations to improve maturity levels within different domains. In addition, they are given an action plan to implement the recommendations in a streamlined way. The application of this model will allow railway organizations to improve their capability to reduce the impacts of cyber-attacks and eradicate vulnerabilities. The approach can also be extended to other infrastructures with necessary adaptations.

Gli stili APA, Harvard, Vancouver, ISO e altri

Yigit Ozkan, Bilge, Sonny van Lingen e Marco Spruit. "The Cybersecurity Focus Area Maturity (CYSFAM) Model". Journal of Cybersecurity and Privacy 1, n. 1 (13 febbraio 2021): 119–39. http://dx.doi.org/10.3390/jcp1010007.

Testo completo

Abstract (sommario):

The cost of recovery after a cybersecurity attack is likely to be high and may result in the loss of business at the extremes. Evaluating the acquired cybersecurity capabilities and evolving them to a desired state in consideration of risks are inevitable. This research proposes the CYberSecurity Focus Area Maturity (CYSFAM) Model for assessing cybersecurity capabilities. In this design science research, CYSFAM was evaluated at a large financial institution. From the many cybersecurity standards, 11 encompassing focus areas were identified. An assessment instrument—containing 144 questions—was developed. The in-depth single case study demonstrates how and to what extent cybersecurity related deficiencies can be identified. The novel scoring metric has been proven to be adequate, but can be further improved upon. The evaluation results show that the assessment questions suit the case study target audience; the assessment can be performed within four hours; the organization recognizes itself in the result.

Gli stili APA, Harvard, Vancouver, ISO e altri

Kunsook, Kritiyaporn, Sotarat Thammaboosadee e Rojjalak Chuckpaiwong. "Sustainable Organic Farming Maturity Model". International Journal on Advanced Science, Engineering and Information Technology 14, n. 2 (23 aprile 2024): 706–16. http://dx.doi.org/10.18517/ijaseit.14.2.19504.

Testo completo

Abstract (sommario):

Organic farming is of the utmost importance in promoting environmentally sustainable agricultural practices, minimizing environmental contamination, and avoiding using chemical fertilizers and genetically modified organisms (GMOs). Even inexperienced and seasoned farmers frequently encounter formidable obstacles when attempting to authenticate their organic farming status by acquiring organic agriculture certification. The current level of agricultural land maturity is accurately assessed by a comprehensive model presented in this study, which also provides a framework for the transition to organic farming standards. These maturity models were formulated through an exhaustive analysis of agricultural standards, an extensive review of pertinent literature, and expert interviews conducted in 15 distinct locations, with each expert holding certification in a minimum of three organic agricultural standards. Identifying characteristics germane to organic standards, integrating them into maturity models, and establishing maturity items and dimensions are also components of the study. The outcome of our investigation is the Sustainable Organic Farming Maturity (SOFaM) model, which consists of five levels and eight dimensions, as well as a standard operating procedure manual for organic agricultural standard certification applications. This model's potential as an assessment instrument for determining the maturity level of agricultural land has been validated by experts who hold credentials in three distinct domains and three locations. The SOFaM model has the potential to function as a paradigm shift in the agricultural sector, streamline the certification process following organic farming standards, and guarantee adherence to predetermined criteria.

Gli stili APA, Harvard, Vancouver, ISO e altri

Morales-Fernández, Rogelio, José Alfonso Brito-Rojas e Jaime Arturo Villaseñor Marcial. "CAPABILITY MATURITY MODEL INTEGRATION (CMMI)". Revista de Investigación en Tecnologías de la Información 2, n. 3 (giugno 2014): 15–20. http://dx.doi.org/10.36825/riti.02.03.003.

Testo completo

Abstract (sommario):

Capability Maturity Model Integration or CMMI (Capability Maturity Model Integration) is a combination of process improvement models for what is systems engineering, and software, is derived from CMM, differentiating itself from this by the integration of some quality models such as the Electronic Industries Alliance Interim Standard (EIA / IS) 731. Basically the CMMI, is a global certification to measure the maturity of an organization in the design and development of software, to give us an idea of this certification, just There are 117 organizations around the world that can boast of having it. Currently it is one of the most used models worldwide in the software industry, which when applied mainly allows the reduction of costs and decreases the repetition of work.

Gli stili APA, Harvard, Vancouver, ISO e altri

Più fonti

Tesi sul tema "Cybersecurity Maturity Model Certification"

Santos, Ricardo Meléndez, Anthony Aguilar Gallardo e Jimmy Armas Aguirre. "Reference Model to Identify the Maturity Level of Cyber Threat Intelligence on the Dark Web". Repositorio Academico - UPC, 2021. http://hdl.handle.net/10757/653788.

Testo completo

Abstract (sommario):

El texto completo de este trabajo no está disponible en el Repositorio Académico UPC por restricciones de la casa editorial donde ha sido publicado.
In this article, we propose a reference model to identify the maturity level of the cyber intelligence threat process. This proposal considers the dark web as an important source of cyber threats causing a latent risk that organizations do not consider in their cybersecurity strategies. The proposed model aims to increase the maturity level of the process through a set of proposed controls according to the information found on the dark web. The model consists of three phases: (1) Identification of information assets using cyber threat intelligence tools. (2) Diagnosis of the exposure of information assets. (3) Proposal of controls according to the proposed categories and criteria. The validation of the proposal was carried out in an insurance institution in Lima, Peru, with data obtained by the institution. The measurement was made with artifacts that allowed to obtain an initial value of the current panorama of the company. Preliminary results showed 196 emails and passwords exposed on the dark web of which one corresponded to the technology manager of the company under evaluation. With this identification, it was diagnosed that the institution was at a “Normal” maturity level, and from the implementation of the proposed controls, the “Advanced” level was reached.
Revisión por pares

Gli stili APA, Harvard, Vancouver, ISO e altri

Pérez, Navarro Henry Bryan, e Jara Humberto Luis Salcedo. "Modelo de madurez en ciberseguridad para empresas que manejan datos de salud". Bachelor's thesis, Universidad Peruana de Ciencias Aplicadas (UPC), 2021. http://hdl.handle.net/10757/655801.

Testo completo

Abstract (sommario):

El avance de la digitalización en distintas industrias trae consigo nuevos riesgos potenciales. Aquellas que pertenecen al sector salud se encuentran entre las que mayores riesgos deben enfrentar. La privacidad de los datos en el sector salud se encuentra regulada y las multas por el incumplimiento de normativas pueden afectar a las compañías, ya que esto indica que ponen en peligro los datos personales de sus clientes. Por ello, las industrias que pertenecen a este sector, necesitan una herramienta que facilite la identificación de capacidades en Ciberseguridad, Privacidad y gestión de datos de salud para cumplir con las normativas vigentes, y reducir los riesgos que comprometan la confidencialidad, integridad y accesibilidad de los datos. En este trabajo se propone un modelo de madurez de capacidades que identifica el grado de fiabilidad de los elementos de Ciberseguridad y Privacidad aplicados al Sector Salud. Esto se realizó mediante la selección de modelos, frameworks y normativas, aumentando su complejidad mediante la integración de capacidades de privacidad y gestión de datos de salud. El modelo se validó en una empresa del sector salud con una herramienta de diagnóstico y se observaron los resultados. Los resultados obtenidos se compararon con los componentes originales del modelo para verificar que los componentes se integraron holísticamente. Además, se entregó un formulario de evaluación del modelo a la empresa cliente para comprobar el nivel de satisfacción con respecto al uso del modelo y sus componentes.
The advancement of digitalization in different sectors brings along with it new potential risks. One of the sectors that have to confront said risks is the health sector. Data privacy in the health sector is heavily regulated and fines for non-compliance can affect the companies since it implies putting the client’s personal data at risk. Because of this, businesses belonging to the health sector need a tool to help with the identification of capabilities in Cybersecurity, Privacy and Health data management to achieve compliance with the current norms and reduce risks that might compromise the Confidentiality, Integrity and Availability of data This work proposes a capability maturity model that can identify the reliability of Cybersecurity and Privacy elements applied to the Health Sector. This was achieved through the use of models, frameworks and norms; allowing us to increase their complexity through the integration of privacy and health information management capacities. The model was validated by using a diagnosis tool in a health sector business and observing the results. The obtained results were compared with the original components of the model to verify the holistic integration of said components. We also used a model evaluation form to measure the satisfaction level of the business regarding the use of the model and its components.
Tesis

Gli stili APA, Harvard, Vancouver, ISO e altri

Aguilar, Gallardo Anthony Josue, e Santos Ricardo Alfonso Meléndez. "Modelo de referencia para identificar el nivel de madurez de ciberinteligencia de amenazas en la dark web". Bachelor's thesis, Universidad Peruana de Ciencias Aplicadas (UPC), 2020. http://hdl.handle.net/10757/653512.

Testo completo

Abstract (sommario):

La web oscura es una zona propicia para actividades ilegales de todo tipo. En los últimos tiempos los cibercriminales están cambiando su enfoque hacia el tráfico de informacion (personal o corporativa) porque los riesgos son mucho más bajos en comparación con otros tipos de delito. Hay una gran cantidad de información alojada aquí, pero pocas compañías saben cómo acceder a estos datos, evaluarlos y minimizar el daño que puedan causar. El presente trabajo propone un modelo de referencia para identificar el nivel de madurez del proceso de Ciber Inteligencia de Amenazas. Esta propuesta considera la información comprometida en la web oscura, originando un riesgo latente que las organizaciones no consideran en sus estrategias de ciberseguridad. El modelo propuesto tiene como objetivo aumentar el nivel de madurez del proceso mediante un conjunto de controles propuestos de acuerdo a los hallazgos encontrados en la web oscura. El modelo consta de 3 fases:1. Identificación de los activos de información mediante herramientas de Ciber inteligencia de amenazas. 2. Diagnóstico de la exposición de los activos de información. 3. Propuesta de controles según las categorías y criterios propuestos. La validación de la propuesta se realizó en una institución de seguros en Lima, Perú con datos obtenidos por la institución. Los resultados preliminares mostraron 196 correos electrónicos y contraseñas expuestos en la web oscura de los cuales 1 correspondía al Gerente de Tecnología. Con esta identificación, se diagnosticó que la institución se encontraba en un nivel de madurez “Normal”, y a partir de la implementación de los controles propuestos se llegó al nivel “Avanzado”.
The dark web is an area conducive to illegal activities of all kinds. In recent times, cybercriminals are changing their approach towards information trafficking (personal or corporate) because the risks are much lower compared to other types of crime. There is a wealth of information hosted here, but few companies know how to access this data, evaluate it, and minimize the damage it can cause. In this work, we propose a reference model to identify the maturity level of the Cyber Intelligence Threat process. This proposal considers the dark web as an important source of cyber threats causing a latent risk that organizations do not consider in their cybersecurity strategies. The proposed model aims to increase the maturity level of the process through a set of proposed controls according to the information found on the dark web. The model consists of 3 phases: 1. Identification of information assets using cyber threat intelligence tools. 2. Diagnosis of the exposure of information assets. 3. Proposal of controls according to the proposed categories and criteria. The validation of the proposal was carried out in an insurance institution in Lima, Peru with data obtained by the institution. Preliminary results showed 196 emails and passwords exposed on the dark web of which 1 corresponded to the Technology Manager of the company under evaluation. With this identification, it was diagnosed that the institution was at a “Normal” maturity level, and from the implementation of the proposed controls the “Advanced” level was reached.
Tesis

Gli stili APA, Harvard, Vancouver, ISO e altri

Albanez, Altamar Urbanetz de Araújo. "Associação entre CMMI-DEV 1.2 e ISO/TS 16949". Universidade Tecnológica Federal do Paraná, 2012. http://repositorio.utfpr.edu.br/jspui/handle/1/558.

Testo completo

Abstract (sommario):

O setor automotivo é um dos mais arrojados em termos de qualidade, demandando a certificação ISO/TS 16949. Apesar dessas empresas dominarem essa certificação, algumas a perdem em auditorias posteriores ou obtêm poucas melhorias além das existentes. Há indícios de que elas não possuam maturidade suficiente para obter ou manter essa certificação, nem diretrizes para melhorar continuamente. Em trabalhos anteriores, constatou-se que empresas certificadas possuíam, no mínimo, nível 2 de maturidade, sendo 1 (mínimo) e 5 (máximo), o que significa uma empresa com processo definido e gerenciável. Entretanto, o que habilita a empresa a melhorar seus índices é ter o processo controlado e integrado. A falta de maturidade de um processo de desenvolvimento de produto (PDP) desencadeia refugos e retrabalhos, comprometendo o uso eficiente de recursos, impactando no tempo e no custo do desenvolvimento e, indiretamente, na qualidade do processo e do produto final. Porém, as empresas certificadas não possuem diretrizes para melhorar seus processos. Para isso, a ISO demandaria algum recurso associado, visando fornecer orientação quanto aos aspectos que precisariam ser melhorados. Considerando que o CMMI é um método eficaz na obtenção de diagnóstico de maturidade e que considera a integração do PDP, esse trabalho visa identificar a associação entre a certificação ISO/TS 16949 e o método CMMI-DEV 1.2. Para isso, apresenta uma revisão sobre PDPs, certificação da qualidade e maturidade de processo. Posteriormente, são associadas as variáveis envolvidas em um processo de certificação ISO 9001 e as variáveis avaliadas na ISO/TS 16949 com as variáveis envolvidas na avaliação do nível 2 de maturidade do modelo CMMI-DEV 1.2. O trabalho explicita quais itens são considerados pela ISO/TS 16949, ressaltando os itens do CMMI que poderiam ser usados para obter um diagnóstico complementar para as empresas que desejam melhorar o fator qualidade, agregando, em paralelo, mais eficiência e produtividade aos seus processos produtivos.
The automotive sector is one of the most daring in terms of quality, requiring because of that certification to ISO/TS 16949. Although these companies dominate this certification, some lose in the subsequent audits or get little improvement beyond existing. There is evidence that they do not have the maturity to obtain or maintain such certification or guidelines to continually improve. In previous work, it was found out that certified companies had at least level 2 maturity, 1 (minimum) and 5 (maximum), which means a company defined and manageable process. However, what enables the company to improve its indexes have the process is controlled and integrated. The lack of maturity of a product development process (PDP) triggers scrap and rework, compromising the efficient use of resources, impacting the time and cost of development and, indirectly, the quality of the process and final product. However, the guidelines do not have certified companies to improve their processes. For this, the ISO would require some resource associated in order to provide guidance on the aspects that need to be improved. Whereas CMMI is an effective method for obtaining diagnostic and maturity that considers the integration of PDP, this work aims to identify the association between the ISO/TS 16949 and CMMI-DEV 1.2 method. Presenting an overview of PDPs, quality certification and process maturity. Later, associated variables are involved in a process of ISO 9001 certification and the variables evaluated in the ISO/TS 16949 with the variables involved in assessing the maturity level 2 with CMMI-DEV 1.2. The paper explains which items are considered by the ISO/TS 16949, CMMI highlighting items that could be used for diagnosis complement for companies that wish to improve the quality factor, adding, in parallel, more efficiency and productivity of their production processes.

Gli stili APA, Harvard, Vancouver, ISO e altri

Libri sul tema "Cybersecurity Maturity Model Certification"

Cybersecurity Maturity Model Certification (CMMC) - a Pocket Guide. IT Governance Ltd, 2020.

Cerca il testo completo

Gli stili APA, Harvard, Vancouver, ISO e altri

MARK A RUSSO CISSP-ISSAP CISO. Cybersecurity Maturity Model Certification ~ 2ND EDITION: CUI Classification, Marking, and Storage Guide. Independently Published, 2019.

Cerca il testo completo

Gli stili APA, Harvard, Vancouver, ISO e altri

MARK A RUSSO CISSP-ISSAP CISO. Cybersecurity Maturity Model Certification : Levels 1-3 Manual: Detailed Security Control Implementation Guidance. Independently Published, 2019.

Cerca il testo completo

Gli stili APA, Harvard, Vancouver, ISO e altri

Landoll, Douglas. Cybersecurity Maturity Model Certification CMMC 2. 0 Assessment Handbook: An Implementation and Self-Assessment Guide for CUI, NIST SP 800-171, and CMMC 2. 0. Independently Published, 2022.

Cerca il testo completo

Gli stili APA, Harvard, Vancouver, ISO e altri

MARK A RUSSO CISSP-ISSAP CISO. Capability Maturity Model Certification: Companion CUI Marking Guide. Independently Published, 2019.

Cerca il testo completo

Gli stili APA, Harvard, Vancouver, ISO e altri

Government, U. S., e Department of Homeland Security. Best Practices for Planning a Cybersecurity Workforce and the National Initiative for Cybersecurity Education (NICE) Cybersecurity Capability Maturity Model - Benefits of Workforce Planning. Independently Published, 2018.

Cerca il testo completo

Gli stili APA, Harvard, Vancouver, ISO e altri

Capitoli di libri sul tema "Cybersecurity Maturity Model Certification"

Acosta, Mauricio Alexander Nieto, e Hamid Jahankhani. "An Empirical Study into Ransomware Campaigns Against the Education Sector and Adopting the Cybersecurity Maturity Model Certification Framework". In Advanced Sciences and Technologies for Security Applications, 67–103. Cham: Springer Nature Switzerland, 2023. http://dx.doi.org/10.1007/978-3-031-33627-0_4.

Testo completo

Gli stili APA, Harvard, Vancouver, ISO e altri

Donalds, Charlette, Corlane Barclay e Kweku-Muata Osei-Bryson. "The Cybersecurity Capability Maturity Model for Sustainable Security Advantage". In Cybercrime and Cybersecurity in the Global South, 175–90. Boca Raton: Routledge, 2022. http://dx.doi.org/10.1201/9781003028710-12.

Testo completo

Gli stili APA, Harvard, Vancouver, ISO e altri

Kreppein, Alexander, Alexander Kies e Robert H. Schmitt. "Novel Maturity Model for Cybersecurity Evaluation in Industry 4.0". In Communications in Computer and Information Science, 198–210. Singapore: Springer Singapore, 2021. http://dx.doi.org/10.1007/978-981-16-8059-5_12.

Testo completo

Gli stili APA, Harvard, Vancouver, ISO e altri

Yigit Ozkan, Bilge, e Marco Spruit. "A Questionnaire Model for Cybersecurity Maturity Assessment of Critical Infrastructures". In Lecture Notes in Computer Science, 49–60. Cham: Springer International Publishing, 2019. http://dx.doi.org/10.1007/978-3-030-12085-6_5.

Testo completo

Gli stili APA, Harvard, Vancouver, ISO e altri

Gao, Zimeng, Fei Xing e Guochao Peng. "Research on the Capability Maturity Model of Data Security in the Era of Digital Transformation". In HCI for Cybersecurity, Privacy and Trust, 151–62. Cham: Springer Nature Switzerland, 2023. http://dx.doi.org/10.1007/978-3-031-35822-7_11.

Testo completo

Gli stili APA, Harvard, Vancouver, ISO e altri

Ahouanmenou, Steve. "Towards a Cybersecurity Maturity Model Specific for the Healthcare Sector: Focus on Hospitals". In Research Challenges in Information Science, 141–48. Cham: Springer Nature Switzerland, 2024. http://dx.doi.org/10.1007/978-3-031-59468-7_16.

Testo completo

Gli stili APA, Harvard, Vancouver, ISO e altri

Baninemeh, Elena, Harold Toomey, Katsiaryna Labunets, Gerard Wagenaar e Slinger Jansen. "An Evaluation of the Product Security Maturity Model Through Case Studies at 15 Software Producing Organizations". In Lecture Notes in Business Information Processing, 327–43. Cham: Springer Nature Switzerland, 2024. http://dx.doi.org/10.1007/978-3-031-53227-6_23.

Testo completo

Abstract (sommario):

AbstractCybersecurity is becoming increasingly important from a software business perspective. The software that is produced and sold generally becomes part of a complex landscape of customer applications and enlarges the risk that customer organizations take. Increasingly, software producing organizations are realizing that they are on the front lines of the cybersecurity battles. Maintaining security in a software product and software production process directly influences the livelihood of a software business. There are many models for evaluating security of software products. The product security maturity model is commonly used in the industry but has not received academic recognition. In this paper we report on the evaluation of the product security maturity model on usefulness, applicability, and effectiveness. The evaluation has been performed through 15 case studies. We find that the model, though rudimentary, serves medium to large organizations well and that the model is not so applicable within smaller organizations.

Gli stili APA, Harvard, Vancouver, ISO e altri

Kendzierskyj, Stefan, Hamid Jahankhani, Arshad Jamal, Osama Hussien e Longzhi Yang. "The Role of Blockchain with a Cybersecurity Maturity Model in the Governance of Higher Education Supply Chains". In Advanced Sciences and Technologies for Security Applications, 1–35. Cham: Springer Nature Switzerland, 2023. http://dx.doi.org/10.1007/978-3-031-33627-0_1.

Testo completo

Gli stili APA, Harvard, Vancouver, ISO e altri

"THE ROAD TO CERTIFICATION". In The Cybersecurity Maturity Model Certification (CMMC) – A pocket guide, 65–71. IT Governance Publishing, 2020. http://dx.doi.org/10.2307/j.ctv17f12mb.8.

Testo completo

Gli stili APA, Harvard, Vancouver, ISO e altri

Muller, S. Raschid. "An Analysis of the Design of the Cybersecurity Maturity Model Certification (CMMC) and Its Direct Effect on Supply Chain Management". In Advances in Human Resources Management and Organizational Development, 220–43. IGI Global, 2023. http://dx.doi.org/10.4018/978-1-6684-8691-7.ch014.

Testo completo

Abstract (sommario):

This chapter addresses the rationale behind commissioning the Cybersecurity Maturity Model Certification by the Department of Defense to address critical supply chain issues that directly affect services provided by contractors. The fourth pillar of cybersecurity was added to the existent three-pillar model (cost, schedule, and performance) to significantly lower risk to the supply chain. Scenarios addressed in the chapter identify the need for its immediate implementation. Recommendations were made based on the literature about informing the supply chain community of the impact of cybersecurity's lack of awareness on its overall effect on business continuity and impact.

Gli stili APA, Harvard, Vancouver, ISO e altri

Atti di convegni sul tema "Cybersecurity Maturity Model Certification"

Oliveira, Andre da Silva, e Henrique Santos. "Continuous Industrial Sector Cybersecurity Assessment Paradigm* : Proposed Model of Cybersecurity Certification". In 2022 18th International Conference on the Design of Reliable Communication Networks (DRCN). IEEE, 2022. http://dx.doi.org/10.1109/drcn53993.2022.9758022.

Testo completo

Gli stili APA, Harvard, Vancouver, ISO e altri

Gourisetti, Sri Nikhil Gupta, Scott Mix, Michael Mylrea, Christopher Bonebrake e Md Touhiduzzaman. "Secure Design and Development Cybersecurity Capability Maturity Model (SD2-C2M2)". In NCS '19: Northwest Cybersecurity Symposium. New York, NY, USA: ACM, 2019. http://dx.doi.org/10.1145/3332448.3332461.

Testo completo

Gli stili APA, Harvard, Vancouver, ISO e altri

Bhattacharya, Souradeep, Burhan Hyder e Manimaran Govindarasu. "ICS-CTM2: Industrial Control System Cybersecurity Testbed Maturity Model". In 2022 Resilience Week (RWS). IEEE, 2022. http://dx.doi.org/10.1109/rws55399.2022.9984023.

Testo completo

Gli stili APA, Harvard, Vancouver, ISO e altri

Alvaro, Alexandre, e Silvio Lemos Meira. "Software Component Certification: A Component Quality Model". In Simpósio Brasileiro de Qualidade de Software. Sociedade Brasileira de Computação - SBC, 2006. http://dx.doi.org/10.5753/sbqs.2006.15630.

Testo completo

Abstract (sommario):

Component-based software development is becoming more generalized, representing a considerable market for the software industry. However, several technical issues remain unsolved before the software components industry reaches the maturity as other software industries. Problems such as component selection and the uncertain quality of third-party developed components bring new challenges to the software engineering community. In contrast, software component certification is still immature and much research is needed in order to create well-defined standards for certification. This paper introduces a component quality model, based upon consistent and well-defined quality characteristics, and describes a formal case study that was used in order to analyze the viability of the model usage.

Gli stili APA, Harvard, Vancouver, ISO e altri

Rojas, Aaron Joseph Serrano, Erick Fabrizzio Paniura Valencia, Jimmy Armas-Aguirre e Juan Manuel Madrid Molina. "Cybersecurity maturity model for the protection and privacy of personal health data". In 2022 IEEE 2nd International Conference on Advanced Learning Technologies on Education & Research (ICALTER). IEEE, 2022. http://dx.doi.org/10.1109/icalter57193.2022.9964729.

Testo completo

Gli stili APA, Harvard, Vancouver, ISO e altri

Alayo, Jorge Gutierrez, Paul Necochea Mendoza, Jimmy Armas-Aguirre e Juan Madrid Molina. "Cybersecurity maturity model for providing services in the financial sector in Peru". In 2021 Congreso Internacional de Innovación y Tendencias en Ingeniería (CONIITI). IEEE, 2021. http://dx.doi.org/10.1109/coniiti53815.2021.9619733.

Testo completo

Gli stili APA, Harvard, Vancouver, ISO e altri

Arenas, Ethan, Juan Palomino e Juan-Pablo Mansilla. "Cybersecurity Maturity Model to Prevent Cyberattacks on Web Applications Based on ISO 27032 and NIST". In 2023 IEEE XXX International Conference on Electronics, Electrical Engineering and Computing (INTERCON). IEEE, 2023. http://dx.doi.org/10.1109/intercon59652.2023.10326028.

Testo completo

Gli stili APA, Harvard, Vancouver, ISO e altri

Barclay, Corlane. "Sustainable security advantage in a changing environment: The Cybersecurity Capability Maturity Model (CM²)". In 2014 ITU Kaleidoscope: Living in a Converged World - Impossible without Standards? (K-2014). IEEE, 2014. http://dx.doi.org/10.1109/kaleidoscope.2014.6858466.

Testo completo

Gli stili APA, Harvard, Vancouver, ISO e altri

Azambuja, Antonio João, e João Souza Neto. "Modelo de maturidade de segurança cibernética para os órgãos da Administração Pública Federal". In II Workshop de Segurança Cibernética em Dispositivos Conectados. Sociedade Brasileira de Computação - SBC, 2019. http://dx.doi.org/10.5753/wscdc.2019.7707.

Testo completo

Abstract (sommario):

This paper presents a Cybersecurity maturity model for the agencies of the Brazilian Federal Public Administration. Qualitative research was conducted to analyze Cybersecurity maturity models found in the literature, which served as ground to develop the proposed model. To analyze, understand and construe the qualitative material, we used content analysis and an online questionnaire as technical procedures. The content analysis was divided into pre-analysis, material exploration and handling of results which allowed setting the domains of the proposed model. The model was applied through an online questionnaire to some agencies of the Brazilian Federal Public Administration. The results evidenced that, in general, the agencies surveyed have low maturity in Cybersecurity.

Gli stili APA, Harvard, Vancouver, ISO e altri

Gottschall, Marcel, Bastian Binder e Alexis Castel. "Towards Certification by Simulation with Model-based continuous Engineering Processes showcased on eVTOL Application". In Vertical Flight Society 78th Annual Forum & Technology Display. The Vertical Flight Society, 2022. http://dx.doi.org/10.4050/f-0078-2022-17586.

Testo completo

Abstract (sommario):

Aerospace industry OEMs and suppliers are progressing their engineering processes and performance to the next maturity level gearing to digital thread solutions. Current challenges like continuous engineering, virtual certification, distributed development, consolidated virtual proving grounds, homologation, digital twin and operational applications, require well informed decision making in a comprehensive, reliable, traceable and customizable environment. In particular, in aerospace domain, with widespread tight collaborative ecosystems between integrators and suppliers, the capability of tracing each decision and its underlying artifacts becomes a key value of an engineering platform. This paper will outline a middleware approach to reuse generated artifacts and their relationships in a federated engineering environment supporting a "best tool for the job" approach by introducing a layer providing unification and consistency throughout all managed artifacts. Based on an exemplary eVTOL setup, the benefits of integrated data and workflows from specification to virtual design verification are highlighted to motivate their value towards realisation of MBSE methodologies.

Gli stili APA, Harvard, Vancouver, ISO e altri

Rapporti di organizzazioni sul tema "Cybersecurity Maturity Model Certification"

Lewis, James Andrew. Advanced Experiences in Cybersecurity Policies and Practices: An Overview of Estonia, Israel, South Korea, and the United States. Inter-American Development Bank, luglio 2016. http://dx.doi.org/10.18235/0007970.

Testo completo

Abstract (sommario):

Access to the Internet increases productivity, national income, and employment. Access to information catalyzes growth. However, these opportunities come with risk. Digital technologies are not mature and can be easily exploited by criminals and other antagonists. This discussion paper looks at the experience of four countries -Estonia, Israel, South Korea, and the United States- that are among the most advanced in cybersecurity, to see how they have tackled this problem and what lessons can be learned from their experiences. To provide a structured assessment, CSIS, under the leadership of James A. Lewis, has based this review on the Cybersecurity Capability Maturity Model (CMM), originally applied in the 2016 Cybersecurity Report: Are We Ready in Latin America and the Caribbean? The CMM approaches cybersecurity through five dimensions of capacity and evaluates them along five stages of maturity for each of its 49 indicators. This document will complement the 2016 Cybersecurity Report by providing an overview of the experiences of these leading countries, describing how they have approached the problem of cybersecurity and how their policies have evolved. It serves as a useful guide to other countries as they develop their own national approaches to cybersecurity.

Gli stili APA, Harvard, Vancouver, ISO e altri

Cybersecurity: Are We Ready in Latin America and the Caribbean? Inter-American Development Bank, marzo 2016. http://dx.doi.org/10.18235/0006517.

Testo completo

Abstract (sommario):

The manner in which nation states and regions address cybersecurity capacity is essential for effective, efficient, and sustainable cybersecurity. The 2016 Cybersecurity Report is the result of the collaboration between the Inter-American Development Bank (IDB), the Organization of American States (OAS), and the Global Cyber Security Capacity Centre (GCSCC) at the University of Oxford. The report presents a complete picture and update on the status of cybersecurity (risks, challenges, and opportunities) of Latin America and the Caribbean countries. The first section consists of a series of essays on cybersecurity trends in the region contributed by internationally recognized experts in the field. The second examines the "cyber maturity" of each country through the Cybersecurity Capability Maturity Model (CMM), which approaches cybersecurity considerations through five dimensions of capacity and evaluates them along five maturity stages for each of its 49 indicators. The CMM is the first of its kind in terms of the breadth and depth in each aspect of cybersecurity capacity. It is built on a foundation of multi-stakeholder consultation and respect for human rights, carefully balancing the need for security to enable economic growth and sustainability while respecting the right of freedom of expression and the right to privacy.

Gli stili APA, Harvard, Vancouver, ISO e altri

Offriamo sconti su tutti i piani premium per gli autori le cui opere sono incluse in raccolte letterarie tematiche. Contattaci per ottenere un codice promozionale unico!