Relevant bibliographies by topics / Cybersecurity maturity model

Contents

  1. Journal articles
  2. Dissertations / Theses
  3. Books
  4. Book chapters
  5. Conference papers
  6. Reports

Academic literature on the topic 'Cybersecurity maturity model'

Author: Grafiati
Published: 9 January 2025
Last updated: 19 July 2025

Create a spot-on reference in APA, MLA, Chicago, Harvard, and other styles

Select a source type:

Consult the lists of relevant articles, books, theses, conference reports, and other scholarly sources on the topic 'Cybersecurity maturity model.'

Next to every source in the list of references, there is an 'Add to bibliography' button. Press on it, and we will generate automatically the bibliographic reference to the chosen work in the citation style you need: APA, MLA, Harvard, Chicago, Vancouver, etc.

You can also download the full text of the academic publication as pdf and read online its abstract whenever available in the metadata.

Journal articles on the topic "Cybersecurity maturity model"

1

Kour, Ravdeep, Ramin Karim, and Adithya Thaduri. "Cybersecurity for railways – A maturity model." Proceedings of the Institution of Mechanical Engineers, Part F: Journal of Rail and Rapid Transit 234, no. 10 (2019): 1129–48. http://dx.doi.org/10.1177/0954409719881849.

Full text
Abstract:
With the advancements in and widespread adoption of information and communication technologies in infrastructures, cyber-attacks are becoming more frequent and more severe. Advanced cybersecurity threats with automated capabilities are increasing in such sectors as finance, health, grid, retail, government, telecommunications, transportation, etc. Cyber-attacks are also increasing in railways with an impact on railway stakeholders, e.g. threat to the safety of employees, passengers, or the public in general; loss of sensitive railway information; reputational damage; monetary loss; erroneous decisions; loss of dependability, etc. There is a need to move towards advanced security analytics and automation to identify, respond to, and prevent such security breaches. The objective of this research is to reduce cyber risks and vulnerabilities and to improve the cybersecurity capabilities of railways by evaluating their cybersecurity maturity levels and making recommendations for improvements. After assessing various cybersecurity maturity models, the Cybersecurity Capability Maturity Model (C2M2) was selected to assess the cybersecurity capabilities of railway organizations. The contributions of this research are as follows. First, a new maturity level MIL4 (Maturity Indicator Level 4) is introduced in the C2M2 model. Second, the C2M2 model is adapted by adding advanced security analytics and threat intelligence to develop the Railway-Cybersecurity Capability Maturity Model (R-C2M2). The cybersecurity maturity of three railway organizations is evaluated using this model. Third, recommendations and available standards & guidelines are provided to the three railway organizations to improve maturity levels within different domains. In addition, they are given an action plan to implement the recommendations in a streamlined way. The application of this model will allow railway organizations to improve their capability to reduce the impacts of cyber-attacks and eradicate vulnerabilities. The approach can also be extended to other infrastructures with necessary adaptations.
APA, Harvard, Vancouver, ISO, and other styles
2

Yigit Ozkan, Bilge, Sonny van Lingen, and Marco Spruit. "The Cybersecurity Focus Area Maturity (CYSFAM) Model." Journal of Cybersecurity and Privacy 1, no. 1 (2021): 119–39. http://dx.doi.org/10.3390/jcp1010007.

Full text
Abstract:
The cost of recovery after a cybersecurity attack is likely to be high and may result in the loss of business at the extremes. Evaluating the acquired cybersecurity capabilities and evolving them to a desired state in consideration of risks are inevitable. This research proposes the CYberSecurity Focus Area Maturity (CYSFAM) Model for assessing cybersecurity capabilities. In this design science research, CYSFAM was evaluated at a large financial institution. From the many cybersecurity standards, 11 encompassing focus areas were identified. An assessment instrument—containing 144 questions—was developed. The in-depth single case study demonstrates how and to what extent cybersecurity related deficiencies can be identified. The novel scoring metric has been proven to be adequate, but can be further improved upon. The evaluation results show that the assessment questions suit the case study target audience; the assessment can be performed within four hours; the organization recognizes itself in the result.
APA, Harvard, Vancouver, ISO, and other styles
3

P, Dr Rachana. "Strategic Approaches to Cybersecurity Audits for Control Evaluation." INTERANTIONAL JOURNAL OF SCIENTIFIC RESEARCH IN ENGINEERING AND MANAGEMENT 08, no. 12 (2024): 1–5. https://doi.org/10.55041/ijsrem40065.

Full text
Abstract:
This article presents an empirical study evaluating the effectiveness of the CyberSecurity Audit Model (CSAM 2.0) at a Canadian higher education institution. CSAM 2.0 is a comprehensive model used to assess cybersecurity assurance, maturity, and readiness in medium to large organizations and at the national level. It allows for the effective evaluation of security controls across various cybersecurity domains. The study highlights global best practices in cybersecurity audits, highlighting the lack of standardized guidelines and weaknesses in cybersecurity training programs. The paper details CSAM 2.0's structure and architecture, sharing results from three research scenarios: (1) a single audit focusing on awareness education, (2) audits in multiple domains such as governance, legal compliance, and incident management, and (3) a full audit covering all model domains. The study concludes that CSAM 2.0 offers valuable insights for improving cybersecurity practices and addressing vulnerabilities. Keywords: Cybersecurity, Cybersecurity Audits, Cybersecurity Audit Model, Cybersecurity Assurance, Cybersecurity Maturity, Control Evaluation, Risk Management, Incident Response, Cybersecurity Domains, Cybersecurity Training.
APA, Harvard, Vancouver, ISO, and other styles
4

Princess Eloho Odio, Richard Okon, Mary Oyenike Adeyanju, Eseoghene Kokogho, and Obianuju Clement Onwuzulike. "Developing a cybersecurity maturity model for fintech firms using predictive analytics." International Journal of Science and Technology Research Archive 8, no. 1 (2025): 023–49. https://doi.org/10.53771/ijstra.2025.8.1.0021.

Full text
Abstract:
As the fintech industry expands, so does the sophistication of cybersecurity threats, making it critical for firms to adopt proactive and resilient security measures. This abstract proposes a cybersecurity maturity model specifically designed for fintech firms, incorporating predictive analytics to assess and enhance their cybersecurity posture. By leveraging predictive analytics, this model enables fintech companies to anticipate potential vulnerabilities, detect emerging threats, and strengthen their security strategies before incidents occur. The proposed cybersecurity maturity model is structured into distinct stages, ranging from basic security measures to advanced predictive capabilities. Each stage represents the evolution of a fintech firm's cybersecurity maturity, with predictive analytics playing a central role in moving from reactive to proactive defense mechanisms. Through the integration of machine learning algorithms and data-driven insights, the model can predict future risks based on historical attack data, threat patterns, and internal security metrics. This predictive capability allows fintech companies to identify vulnerabilities in real-time, prioritize security resources, and implement mitigation strategies ahead of potential attacks. The model also emphasizes continuous monitoring and data collection from various sources, such as transaction logs, network traffic, and user behavior, to build a comprehensive security profile. Predictive analytics can then process this data to provide forecasts on potential threats, attack vectors, and security gaps. The application of predictive analytics enhances decision-making, allowing cybersecurity teams to allocate resources more effectively and implement targeted interventions. Furthermore, this cybersecurity maturity model provides a framework for fintech companies to measure their progress, ensuring a systematic approach to enhancing security. It also fosters a culture of continuous improvement, aligning with the dynamic and evolving nature of cybersecurity in the fintech sector. Ultimately, by adopting predictive analytics, fintech firms can enhance their ability to protect digital financial operations, build customer trust, and comply with regulatory standards.
APA, Harvard, Vancouver, ISO, and other styles
5

Zwarts, Hendrik, Jaco Du Toit, and Basie Von Solms. "Augmenting Cybersecurity Awareness at Critical Infrastructures in Developing Countries Through a Cybersecurity Governance Maturity Model." European Conference on Cyber Warfare and Security 24, no. 1 (2025): 726–33. https://doi.org/10.34190/eccws.24.1.3708.

Full text
Abstract:
As the utilization of cyber systems in the management and operation of critical infrastructures have grown, the cybersecurity threats to critical infrastructure sectors such as energy, healthcare, transportation and water simultaneously increased exponentially. Critical infrastructures in developing countries are particularly vulnerable to growing cybersecurity threats due to limited resources, inadequate cybersecurity policies and a general shortage of skilled cybersecurity specialists. Addressing these vulnerabilities is essential for developing countries to ensure the operational continuity, data protection and public safety associated with functioning critical infrastructures. An explorative literature review identified a number of aspects that can be used to counter the increasing cybersecurity threats to critical infrastructures in developing countries. Literature suggests that although there are defined norms and standards for critical infrastructures in developing countries, there is room for improvement in terms of the contribution that enhanced cybersecurity awareness can accomplish. A good cybersecurity awareness program must include sufficient training that is aligned with an organization’s objectives, focus on raising cybersecurity awareness while performing normal duties whilst creating an interactive cybersecurity communication culture between all stakeholders. This paper presents research that is in progress to develop a functional cybersecurity governance maturity model aimed at capacitating role players responsible for the safeguarding of critical infrastructure systems in developing countries. The primary aim of the evolving Critical Infrastructure Cyber Governance Maturity Model (CICGM²) is to improve the cybersecurity governance of critical infrastructure systems in developing countries. The purpose of the article is to specifically describe how the CICGM² can be used to assess and determine the level of maturity of cybersecurity awareness programs at critical infrastructures in developing countries. The integration of recognized cybersecurity governance frameworks and established cybersecurity maturity models into the CICGM² presents unique opportunities to establish, measure and manage cybersecurity awareness initiatives at critical infrastructure systems in developing countries. This article contributes to the field of cybersecurity governance by offering a non-technical, scalable and adaptable CICGM² for key stakeholders at critical infrastructures in developing countries that can be used to determine the level of the cybersecurity awareness initiatives for the facilities that they are responsible for.
APA, Harvard, Vancouver, ISO, and other styles
6

Büyüközkan, Gülçin, and Merve Güler. "Cybersecurity maturity model: Systematic literature review and a proposed model." Technological Forecasting and Social Change 213 (April 2025): 123996. https://doi.org/10.1016/j.techfore.2025.123996.

Full text
APA, Harvard, Vancouver, ISO, and other styles
7

Dotsenko, T. V., and M. V. Kuzmenko. "Maturity of the country's cybersecurity system in the conditions of war: assessment trends." Economic Bulletin of Dnipro University of Technology 87 (September 2024): 34–43. http://dx.doi.org/10.33271/ebdut/87.034.

Full text
Abstract:
Methods. The study used the following methods: an inductive approach to formulating the concept of maturity of the country's cybersecurity system in military conditions; a deductive method to derive the concept of assessing the maturity of the country's cybersecurity system during military operations; content analysis identified the key elements of assessing the maturity of the national cybersecurity system in military operations; strategic analysis identified the main vectors of assessing the problem under study, and the latest approaches to assessing the national cybersecurity system. Results. The latest trends in assessing the maturity of the country's cybersecurity system, taking into account the aspect of military conditions, are identified: the existing regulatory and legal framework at the international and national levels is indicated; the concept of maturity and assessment of the maturity of the country's cybersecurity system during military operations is formulated. The paper outlines the key elements of assessing the maturity of the national cybersecurity system in military operations: adaptability, interoperability, readiness, partnership, cyber reserves, vulnerabilities and threats, and training. The main vectors of assessment are identified: assessment of cyber threats, cyber attacks, infrastructure protection, interaction of cybersecurity actors, level of personnel training; the latest approaches to system assessment are noted. A scheme of future key challenges, trends, and recommendations for assessing the maturity of the national cybersecurity system in wartime has been formed. Novelty. The study of the specifics of assessing the maturity of the country's cybersecurity system identifies key elements, vectors, approaches, and methods for assessing the cyber defence system. Weaknesses and vulnerabilities, existing progress in the development of cyber defence of the system are identified, and the necessary activities to enhance the effectiveness of national security in times of war are identified. Practical value. The experience of previous achievements in the functioning of cybersecurity systems is summarised, the most effective practices and methods of cyber resilience are identified, recommendations for assessing the maturity of the national cybersecurity system in times of war are proposed, which will optimise existing and potential resources, and will help to create the preconditions for further development of the latest model of cyber defence assessment.
APA, Harvard, Vancouver, ISO, and other styles
8

Aliyu, Aliyu, Leandros Maglaras, Ying He, et al. "A Holistic Cybersecurity Maturity Assessment Framework for Higher Education Institutions in the United Kingdom." Applied Sciences 10, no. 10 (2020): 3660. http://dx.doi.org/10.3390/app10103660.

Full text
Abstract:
As organisations are vulnerable to cyberattacks, their protection becomes a significant issue. Capability Maturity Models can enable organisations to benchmark current maturity levels against best practices. Although many maturity models have been already proposed in the literature, a need for models that integrate several regulations exists. This article presents a light, web-based model that can be used as a cybersecurity assessment tool for Higher Education Institutes (HEIs) of the United Kingdom. The novel Holistic Cybersecurity Maturity Assessment Framework incorporates all security regulations, privacy regulations, and best practices that HEIs must be compliant to, and can be used as a self assessment or a cybersecurity audit tool.
APA, Harvard, Vancouver, ISO, and other styles
9

Peliukh, O. I., M. V. Yesina, and D. Yu Holubnychyi. "CERT-UA assessment based on the CSIRT ENISA Maturity Model." Radiotekhnika, no. 213 (June 16, 2023): 41–48. http://dx.doi.org/10.30837/rt.2023.2.213.04.

Full text
Abstract:
Cybersecurity threats are steadily increasing in today's world, which is characterised by increased openness and integration into the global network. The proliferation of cyber incidents, including hacker attacks, confidential data leaks and information theft, is becoming an extremely pressing issue in this context. Accordingly, the eradication of these threats requires the development of effective methods of responding to cyber incidents. The central theme of this article is to consider the critical importance of assessing and improving the effectiveness of cyber incident response teams. The structure of such a team, including cybersecurity specialists, network engineers, analysts, etc., is aimed at identifying, analysing and overcoming threats in cyberspace. The key aspects of assessing such a team, like abilities, experience, communication skills and level of cooperation, are presented clearly through the prism of the updated ENISA CSIRT Maturity Model. The article uses the Computer Emergency Response Team in Ukraine (CERT-UA), a national team operating under the leadership of the State Service for Special Communications and Information Protection of Ukraine, to illustrate the methods of assessing a cyber incident response team. The assessment of the team, based on the ENISA CSIRT Maturity Model, points to key aspects that determine its effectiveness. The paper provides a clear view of the process of measuring cyber incident response teams through a systematic approach that identifies their strengths and weaknesses. The maturity analysis of the CERT-UA provides recommendations for further development of the team, which can be an important resource for academics, cybersecurity experts and government officials interested in improving the effectiveness of cyber threat response. It highlights the importance of assessing cyber incident response teams to ensure cybersecurity and information protection. Awareness of this issue contributes to continuous improvement and readiness to respond effectively to growing challenges in the modern digital environment.
APA, Harvard, Vancouver, ISO, and other styles
10

Abdullahi Garba, Adamu, Aliyu Musa Bade, Muktar Yahuza, and Ya’u Nuhu. "Cybersecurity capability maturity models review and application domain." International Journal of Engineering & Technology 9, no. 3 (2020): 779. http://dx.doi.org/10.14419/ijet.v9i3.30719.

Full text
Abstract:
Cybersecurity is a way of protecting organization critical assets, through the identification of cyber threats that can compromise the information stored, it involves the protection, identification, and responding to threats. The main aim of this article is to conduct an ample review of the published cybersecurity capability maturity models using a systematic review of published articles from 2014 to 2019. Features of Hal- vorsen and Conradi’s taxonomy were adopted to explain the models identified. The results indicated adopting a model to a certain organization is not feasible. However, modification is required before implementation, as the cost of implementation is not available when conducting this research.
APA, Harvard, Vancouver, ISO, and other styles
More sources

Dissertations / Theses on the topic "Cybersecurity maturity model"

1

Murray, Glenn Kristian. "Managing cybersecurity risk for critical infrastructure: A framework to secure critical infrastructure." Thesis, Edith Cowan University, Research Online, Perth, Western Australia, 2024. https://ro.ecu.edu.au/theses/2864.

Full text
Abstract:
As cyber threats continue to evolve, the protection of critical infrastructure has become a paramount concern, particularly considering the devastating potential these threats hold. The 2024 cyberattack on Change Healthcare, which resulted in significant financial losses for UnitedHealth, $870 million in the first quarter alone and up to $1.6 billion for the year, highlights the urgent need for effective cybersecurity measures to safeguard essential services. This thesis investigates the cybersecurity maturity of Australian critical infrastructure healthcare and, food and grocery sectors., focusing on key areas such as governance, risk management, protective measures, detection capabilities, response and recovery protocols, compliance and assurance, and employee training and awareness. This research employs a qualitative approach, using two rounds of semi-structured interviews with cybersecurity professionals, board members, and directors to gather in-depth insights into the current state of cybersecurity within these organisations. Thematic analysis conducted with Leximancer software identifies critical gaps in cybersecurity practices, particularly within the public sector, revealing systemic vulnerabilities that could be exploited by malicious actors. A major contribution of this thesis is the development of the Cyber Security Maturity Model (CSMM), a framework designed to enhance the cybersecurity practices of critical infrastructure sectors. The CSMM suggests guidelines for policymakers, administrators, and cybersecurity professionals, enabling them to strengthen their organisations' defences and improve overall resilience against cyber threats. The findings of this research confirm the need for comprehensive training programs, strategic planning, and better resource allocation to enhance cybersecurity resilience. This thesis offers a structured approach to addressing these challenges, contributing to the ongoing efforts to secure Australia's critical infrastructure. The insights and recommendations presented in this study contribute to the development of more robust cybersecurity strategies, ensuring the continued protection of essential services in an increasingly hostile cyber environment.
APA, Harvard, Vancouver, ISO, and other styles
2

Santos, Ricardo Meléndez, Anthony Aguilar Gallardo, and Jimmy Armas Aguirre. "Reference Model to Identify the Maturity Level of Cyber Threat Intelligence on the Dark Web." Repositorio Academico - UPC, 2021. http://hdl.handle.net/10757/653788.

Full text
Abstract:
El texto completo de este trabajo no está disponible en el Repositorio Académico UPC por restricciones de la casa editorial donde ha sido publicado.<br>In this article, we propose a reference model to identify the maturity level of the cyber intelligence threat process. This proposal considers the dark web as an important source of cyber threats causing a latent risk that organizations do not consider in their cybersecurity strategies. The proposed model aims to increase the maturity level of the process through a set of proposed controls according to the information found on the dark web. The model consists of three phases: (1) Identification of information assets using cyber threat intelligence tools. (2) Diagnosis of the exposure of information assets. (3) Proposal of controls according to the proposed categories and criteria. The validation of the proposal was carried out in an insurance institution in Lima, Peru, with data obtained by the institution. The measurement was made with artifacts that allowed to obtain an initial value of the current panorama of the company. Preliminary results showed 196 emails and passwords exposed on the dark web of which one corresponded to the technology manager of the company under evaluation. With this identification, it was diagnosed that the institution was at a “Normal” maturity level, and from the implementation of the proposed controls, the “Advanced” level was reached.<br>Revisión por pares
APA, Harvard, Vancouver, ISO, and other styles
3

Pérez, Navarro Henry Bryan, and Jara Humberto Luis Salcedo. "Modelo de madurez en ciberseguridad para empresas que manejan datos de salud." Bachelor's thesis, Universidad Peruana de Ciencias Aplicadas (UPC), 2021. http://hdl.handle.net/10757/655801.

Full text
Abstract:
El avance de la digitalización en distintas industrias trae consigo nuevos riesgos potenciales. Aquellas que pertenecen al sector salud se encuentran entre las que mayores riesgos deben enfrentar. La privacidad de los datos en el sector salud se encuentra regulada y las multas por el incumplimiento de normativas pueden afectar a las compañías, ya que esto indica que ponen en peligro los datos personales de sus clientes. Por ello, las industrias que pertenecen a este sector, necesitan una herramienta que facilite la identificación de capacidades en Ciberseguridad, Privacidad y gestión de datos de salud para cumplir con las normativas vigentes, y reducir los riesgos que comprometan la confidencialidad, integridad y accesibilidad de los datos. En este trabajo se propone un modelo de madurez de capacidades que identifica el grado de fiabilidad de los elementos de Ciberseguridad y Privacidad aplicados al Sector Salud. Esto se realizó mediante la selección de modelos, frameworks y normativas, aumentando su complejidad mediante la integración de capacidades de privacidad y gestión de datos de salud. El modelo se validó en una empresa del sector salud con una herramienta de diagnóstico y se observaron los resultados. Los resultados obtenidos se compararon con los componentes originales del modelo para verificar que los componentes se integraron holísticamente. Además, se entregó un formulario de evaluación del modelo a la empresa cliente para comprobar el nivel de satisfacción con respecto al uso del modelo y sus componentes.<br>The advancement of digitalization in different sectors brings along with it new potential risks. One of the sectors that have to confront said risks is the health sector. Data privacy in the health sector is heavily regulated and fines for non-compliance can affect the companies since it implies putting the client’s personal data at risk. Because of this, businesses belonging to the health sector need a tool to help with the identification of capabilities in Cybersecurity, Privacy and Health data management to achieve compliance with the current norms and reduce risks that might compromise the Confidentiality, Integrity and Availability of data This work proposes a capability maturity model that can identify the reliability of Cybersecurity and Privacy elements applied to the Health Sector. This was achieved through the use of models, frameworks and norms; allowing us to increase their complexity through the integration of privacy and health information management capacities. The model was validated by using a diagnosis tool in a health sector business and observing the results. The obtained results were compared with the original components of the model to verify the holistic integration of said components. We also used a model evaluation form to measure the satisfaction level of the business regarding the use of the model and its components.<br>Tesis
APA, Harvard, Vancouver, ISO, and other styles
4

Aguilar, Gallardo Anthony Josue, and Santos Ricardo Alfonso Meléndez. "Modelo de referencia para identificar el nivel de madurez de ciberinteligencia de amenazas en la dark web." Bachelor's thesis, Universidad Peruana de Ciencias Aplicadas (UPC), 2020. http://hdl.handle.net/10757/653512.

Full text
Abstract:
La web oscura es una zona propicia para actividades ilegales de todo tipo. En los últimos tiempos los cibercriminales están cambiando su enfoque hacia el tráfico de informacion (personal o corporativa) porque los riesgos son mucho más bajos en comparación con otros tipos de delito. Hay una gran cantidad de información alojada aquí, pero pocas compañías saben cómo acceder a estos datos, evaluarlos y minimizar el daño que puedan causar. El presente trabajo propone un modelo de referencia para identificar el nivel de madurez del proceso de Ciber Inteligencia de Amenazas. Esta propuesta considera la información comprometida en la web oscura, originando un riesgo latente que las organizaciones no consideran en sus estrategias de ciberseguridad. El modelo propuesto tiene como objetivo aumentar el nivel de madurez del proceso mediante un conjunto de controles propuestos de acuerdo a los hallazgos encontrados en la web oscura. El modelo consta de 3 fases:1. Identificación de los activos de información mediante herramientas de Ciber inteligencia de amenazas. 2. Diagnóstico de la exposición de los activos de información. 3. Propuesta de controles según las categorías y criterios propuestos. La validación de la propuesta se realizó en una institución de seguros en Lima, Perú con datos obtenidos por la institución. Los resultados preliminares mostraron 196 correos electrónicos y contraseñas expuestos en la web oscura de los cuales 1 correspondía al Gerente de Tecnología. Con esta identificación, se diagnosticó que la institución se encontraba en un nivel de madurez “Normal”, y a partir de la implementación de los controles propuestos se llegó al nivel “Avanzado”.<br>The dark web is an area conducive to illegal activities of all kinds. In recent times, cybercriminals are changing their approach towards information trafficking (personal or corporate) because the risks are much lower compared to other types of crime. There is a wealth of information hosted here, but few companies know how to access this data, evaluate it, and minimize the damage it can cause. In this work, we propose a reference model to identify the maturity level of the Cyber ​​Intelligence Threat process. This proposal considers the dark web as an important source of cyber threats causing a latent risk that organizations do not consider in their cybersecurity strategies. The proposed model aims to increase the maturity level of the process through a set of proposed controls according to the information found on the dark web. The model consists of 3 phases: 1. Identification of information assets using cyber threat intelligence tools. 2. Diagnosis of the exposure of information assets. 3. Proposal of controls according to the proposed categories and criteria. The validation of the proposal was carried out in an insurance institution in Lima, Peru with data obtained by the institution. Preliminary results showed 196 emails and passwords exposed on the dark web of which 1 corresponded to the Technology Manager of the company under evaluation. With this identification, it was diagnosed that the institution was at a “Normal” maturity level, and from the implementation of the proposed controls the “Advanced” level was reached.<br>Tesis
APA, Harvard, Vancouver, ISO, and other styles

Books on the topic "Cybersecurity maturity model"

1

Cybersecurity Maturity Model Certification (CMMC) - a Pocket Guide. IT Governance Ltd, 2020.

Find full text
APA, Harvard, Vancouver, ISO, and other styles
2

Voice), Maxwell (Male Synthesized. Cybersecurity Maturity Model Certification (CMMC) - a Pocket Guide. de Gruyter GmbH, Walter, 2020.

Find full text
APA, Harvard, Vancouver, ISO, and other styles
3

MARK A RUSSO CISSP-ISSAP CISO. Cybersecurity Maturity Model Certification ~ 2ND EDITION: CUI Classification, Marking, and Storage Guide. Independently Published, 2019.

Find full text
APA, Harvard, Vancouver, ISO, and other styles
4

MARK A RUSSO CISSP-ISSAP CISO. Cybersecurity Maturity Model Certification : Levels 1-3 Manual: Detailed Security Control Implementation Guidance. Independently Published, 2019.

Find full text
APA, Harvard, Vancouver, ISO, and other styles
5

Government, U. S., and Department of Homeland Security. Best Practices for Planning a Cybersecurity Workforce and the National Initiative for Cybersecurity Education (NICE) Cybersecurity Capability Maturity Model - Benefits of Workforce Planning. Independently Published, 2018.

Find full text
APA, Harvard, Vancouver, ISO, and other styles
6

Cybersecurity Maturity Model Certification Handbook: A Complete Guide for Preparing for Levels 1-3 CMMC Certification. Repose Reading, 2021.

Find full text
APA, Harvard, Vancouver, ISO, and other styles
7

Cybersecurity Maturity Model Certification CMMC 2. 0 Assessment Handbook: An Implementation and Self-Assessment Guide for CUI, NIST SP 800-171, and CMMC 2. 0. Independently Published, 2022.

Find full text
APA, Harvard, Vancouver, ISO, and other styles

Book chapters on the topic "Cybersecurity maturity model"

1

Donalds, Charlette, Corlane Barclay, and Kweku-Muata Osei-Bryson. "The Cybersecurity Capability Maturity Model for Sustainable Security Advantage." In Cybercrime and Cybersecurity in the Global South. Routledge, 2022. http://dx.doi.org/10.1201/9781003028710-12.

Full text
APA, Harvard, Vancouver, ISO, and other styles
2

Kreppein, Alexander, Alexander Kies, and Robert H. Schmitt. "Novel Maturity Model for Cybersecurity Evaluation in Industry 4.0." In Communications in Computer and Information Science. Springer Singapore, 2021. http://dx.doi.org/10.1007/978-981-16-8059-5_12.

Full text
APA, Harvard, Vancouver, ISO, and other styles
3

Yigit Ozkan, Bilge, and Marco Spruit. "A Questionnaire Model for Cybersecurity Maturity Assessment of Critical Infrastructures." In Lecture Notes in Computer Science. Springer International Publishing, 2019. http://dx.doi.org/10.1007/978-3-030-12085-6_5.

Full text
APA, Harvard, Vancouver, ISO, and other styles
4

Gao, Zimeng, Fei Xing, and Guochao Peng. "Research on the Capability Maturity Model of Data Security in the Era of Digital Transformation." In HCI for Cybersecurity, Privacy and Trust. Springer Nature Switzerland, 2023. http://dx.doi.org/10.1007/978-3-031-35822-7_11.

Full text
APA, Harvard, Vancouver, ISO, and other styles
5

Baninemeh, Elena, Harold Toomey, Katsiaryna Labunets, Gerard Wagenaar, and Slinger Jansen. "An Evaluation of the Product Security Maturity Model Through Case Studies at 15 Software Producing Organizations." In Lecture Notes in Business Information Processing. Springer Nature Switzerland, 2024. http://dx.doi.org/10.1007/978-3-031-53227-6_23.

Full text
Abstract:
AbstractCybersecurity is becoming increasingly important from a software business perspective. The software that is produced and sold generally becomes part of a complex landscape of customer applications and enlarges the risk that customer organizations take. Increasingly, software producing organizations are realizing that they are on the front lines of the cybersecurity battles. Maintaining security in a software product and software production process directly influences the livelihood of a software business. There are many models for evaluating security of software products. The product security maturity model is commonly used in the industry but has not received academic recognition. In this paper we report on the evaluation of the product security maturity model on usefulness, applicability, and effectiveness. The evaluation has been performed through 15 case studies. We find that the model, though rudimentary, serves medium to large organizations well and that the model is not so applicable within smaller organizations.
APA, Harvard, Vancouver, ISO, and other styles
6

Zwarts, Hendrik, Jaco Du Toit, and Basie Von Solms. "Towards a Cybersecurity Governance Maturity Model for Critical Infrastructures in Developing Countries." In Lecture Notes in Networks and Systems. Springer Nature Switzerland, 2025. https://doi.org/10.1007/978-3-031-92605-1_33.

Full text
APA, Harvard, Vancouver, ISO, and other styles
7

Ahouanmenou, Steve. "Towards a Cybersecurity Maturity Model Specific for the Healthcare Sector: Focus on Hospitals." In Research Challenges in Information Science. Springer Nature Switzerland, 2024. http://dx.doi.org/10.1007/978-3-031-59468-7_16.

Full text
APA, Harvard, Vancouver, ISO, and other styles
8

Kendzierskyj, Stefan, Hamid Jahankhani, Arshad Jamal, Osama Hussien, and Longzhi Yang. "The Role of Blockchain with a Cybersecurity Maturity Model in the Governance of Higher Education Supply Chains." In Advanced Sciences and Technologies for Security Applications. Springer Nature Switzerland, 2023. http://dx.doi.org/10.1007/978-3-031-33627-0_1.

Full text
APA, Harvard, Vancouver, ISO, and other styles
9

Acosta, Mauricio Alexander Nieto, and Hamid Jahankhani. "An Empirical Study into Ransomware Campaigns Against the Education Sector and Adopting the Cybersecurity Maturity Model Certification Framework." In Advanced Sciences and Technologies for Security Applications. Springer Nature Switzerland, 2023. http://dx.doi.org/10.1007/978-3-031-33627-0_4.

Full text
APA, Harvard, Vancouver, ISO, and other styles
10

Möller, Dietmar P. F. "Cybersecurity Maturity Models and SWOT Analysis." In Advances in Information Security. Springer Nature Switzerland, 2023. http://dx.doi.org/10.1007/978-3-031-26845-8_7.

Full text
APA, Harvard, Vancouver, ISO, and other styles

Conference papers on the topic "Cybersecurity maturity model"

1

Cobos, Salvador, Armando Garayar, and David Mauricio. "Cybersecurity Maturity Model Against Ransomware Attacks for the Financial Sector." In 2024 IEEE ANDESCON. IEEE, 2024. http://dx.doi.org/10.1109/andescon61840.2024.10755867.

Full text
APA, Harvard, Vancouver, ISO, and other styles
2

Gourisetti, Sri Nikhil Gupta, Scott Mix, Michael Mylrea, Christopher Bonebrake, and Md Touhiduzzaman. "Secure Design and Development Cybersecurity Capability Maturity Model (SD2-C2M2)." In NCS '19: Northwest Cybersecurity Symposium. ACM, 2019. http://dx.doi.org/10.1145/3332448.3332461.

Full text
APA, Harvard, Vancouver, ISO, and other styles
3

Bhattacharya, Souradeep, Burhan Hyder, and Manimaran Govindarasu. "ICS-CTM2: Industrial Control System Cybersecurity Testbed Maturity Model." In 2022 Resilience Week (RWS). IEEE, 2022. http://dx.doi.org/10.1109/rws55399.2022.9984023.

Full text
APA, Harvard, Vancouver, ISO, and other styles
4

Azambuja, Antonio João, and João Souza Neto. "Modelo de maturidade de segurança cibernética para os órgãos da Administração Pública Federal." In II Workshop de Segurança Cibernética em Dispositivos Conectados. Sociedade Brasileira de Computação - SBC, 2019. http://dx.doi.org/10.5753/wscdc.2019.7707.

Full text
Abstract:
This paper presents a Cybersecurity maturity model for the agencies of the Brazilian Federal Public Administration. Qualitative research was conducted to analyze Cybersecurity maturity models found in the literature, which served as ground to develop the proposed model. To analyze, understand and construe the qualitative material, we used content analysis and an online questionnaire as technical procedures. The content analysis was divided into pre-analysis, material exploration and handling of results which allowed setting the domains of the proposed model. The model was applied through an online questionnaire to some agencies of the Brazilian Federal Public Administration. The results evidenced that, in general, the agencies surveyed have low maturity in Cybersecurity.
APA, Harvard, Vancouver, ISO, and other styles
5

Rojas, Aaron Joseph Serrano, Erick Fabrizzio Paniura Valencia, Jimmy Armas-Aguirre, and Juan Manuel Madrid Molina. "Cybersecurity maturity model for the protection and privacy of personal health data." In 2022 IEEE 2nd International Conference on Advanced Learning Technologies on Education & Research (ICALTER). IEEE, 2022. http://dx.doi.org/10.1109/icalter57193.2022.9964729.

Full text
APA, Harvard, Vancouver, ISO, and other styles
6

Alayo, Jorge Gutierrez, Paul Necochea Mendoza, Jimmy Armas-Aguirre, and Juan Madrid Molina. "Cybersecurity maturity model for providing services in the financial sector in Peru." In 2021 Congreso Internacional de Innovación y Tendencias en Ingeniería (CONIITI). IEEE, 2021. http://dx.doi.org/10.1109/coniiti53815.2021.9619733.

Full text
APA, Harvard, Vancouver, ISO, and other styles
7

Arenas, Ethan, Juan Palomino, and Juan-Pablo Mansilla. "Cybersecurity Maturity Model to Prevent Cyberattacks on Web Applications Based on ISO 27032 and NIST." In 2023 IEEE XXX International Conference on Electronics, Electrical Engineering and Computing (INTERCON). IEEE, 2023. http://dx.doi.org/10.1109/intercon59652.2023.10326028.

Full text
APA, Harvard, Vancouver, ISO, and other styles
8

Barclay, Corlane. "Sustainable security advantage in a changing environment: The Cybersecurity Capability Maturity Model (CM2)." In 2014 ITU Kaleidoscope: Living in a Converged World - Impossible without Standards? (K-2014). IEEE, 2014. http://dx.doi.org/10.1109/kaleidoscope.2014.6858466.

Full text
APA, Harvard, Vancouver, ISO, and other styles
9

Kioskli, Kitty, Spyridon Papastergiou, Theofanis Fotis, Stefano Silvestri, and Haralambos Mouratidis. "A Self-Organized Swarm Intelligence Solution for Healthcare ICT Security." In 15th International Conference on Applied Human Factors and Ergonomics (AHFE 2024). AHFE International, 2024. http://dx.doi.org/10.54941/ahfe1004780.

Full text
Abstract:
The healthcare sector has undergone significant transformation in recent years, driven by the adoption of advanced medical technologies like IoT, Cloud Computing, and Big Data. This evolution began with the integration of electronic health records and has expanded to encompass a wide range of digital tools, from medical apps to wearables. These technological advancements have played a crucial role in enhancing patient experiences and outcomes. As healthcare technology has become increasingly interconnected, both physically and in the cyber realm, it has evolved into vast Health Care Information Infrastructures (HCIIs). These HCIIs are of paramount importance due to their critical role in people's well-being and safety. Any disruption, whether through direct actions like medical errors, or indirect actions such as altering patient records can have severe consequences for patient health. Currently, HCIIs are vulnerable because they often rely on isolated cybersecurity products. There is a pressing need to establish a comprehensive security strategy that can coordinate various security components to detect system vulnerabilities and sophisticated attacks. To address this complex challenge, it is essential to break down cybersecurity concerns in the healthcare sector based on the criticality of their assets. Prioritizing emerging solutions in this manner will help mitigate the complexity of the problem. Cyberattacks on the healthcare sector have become increasingly sophisticated and involve not only technical vulnerabilities but also social engineering tactics that exploit individuals with limited technical knowledge. European health and cybersecurity experts must collaborate to develop policies and standards that elevate security maturity throughout the EU. Ultimately, cybersecurity solutions in healthcare should not only enhance security but also have a positive business impact, enabling new services, collaborations, and market opportunities. The proposed solution in this study, represents a state-of-the-art approach to enhancing cybersecurity within HCIIs. It improves the detection and analysis of cyber threats and increases awareness of privacy and security risks in the digital healthcare ecosystem. By providing a Dynamic Situational Awareness Framework, the solution empowers stakeholders in the healthcare sector to recognize, model, and respond to cyber risks, including advanced persistent threats and daily cybersecurity incidents. Additionally, it facilitates the secure exchange of incident-related information aiming to strengthen the security and resilience of modern digital healthcare systems and the associated medical supply chain services. The proposed solution extends the frontiers of various research fields, including security engineering, privacy engineering, and artificial intelligence. Drawing inspiration from biological swarm formations, it brings together these disciplines to empower stakeholders in digital healthcare ecosystems. This leads to the creation of a highly interconnected and advanced intelligence system, comprised of simple nodes or groups of nodes, enabling local interactions and management of healthcare environments. By employing bio-inspired techniques and large-group decision-making models, the framework enhances communication and coordination in complex, distributed networks typical of interconnected healthcare infrastructures. It prioritizes scalability and fault-tolerance, allowing coordinated actions without a central coordinator. This approach streamlines investigation activities within healthcare ecosystems, fostering dynamic intelligence and collective decision-making, even when individual nodes lack a complete view of the situation.
APA, Harvard, Vancouver, ISO, and other styles
10

Rea-Guaman, A. M., I. D. Sanchez-Garcia, T. San Feliu, and J. A. Calvo-Manzano. "Maturity models in cybersecurity: A systematic review." In 2017 12th Iberian Conference on Information Systems and Technologies (CISTI). IEEE, 2017. http://dx.doi.org/10.23919/cisti.2017.7975865.

Full text
APA, Harvard, Vancouver, ISO, and other styles

Reports on the topic "Cybersecurity maturity model"

1

Lewis, James Andrew. Advanced Experiences in Cybersecurity Policies and Practices: An Overview of Estonia, Israel, South Korea, and the United States. Inter-American Development Bank, 2016. http://dx.doi.org/10.18235/0007970.

Full text
Abstract:
Access to the Internet increases productivity, national income, and employment. Access to information catalyzes growth. However, these opportunities come with risk. Digital technologies are not mature and can be easily exploited by criminals and other antagonists. This discussion paper looks at the experience of four countries -Estonia, Israel, South Korea, and the United States- that are among the most advanced in cybersecurity, to see how they have tackled this problem and what lessons can be learned from their experiences. To provide a structured assessment, CSIS, under the leadership of James A. Lewis, has based this review on the Cybersecurity Capability Maturity Model (CMM), originally applied in the 2016 Cybersecurity Report: Are We Ready in Latin America and the Caribbean? The CMM approaches cybersecurity through five dimensions of capacity and evaluates them along five stages of maturity for each of its 49 indicators. This document will complement the 2016 Cybersecurity Report by providing an overview of the experiences of these leading countries, describing how they have approached the problem of cybersecurity and how their policies have evolved. It serves as a useful guide to other countries as they develop their own national approaches to cybersecurity.
APA, Harvard, Vancouver, ISO, and other styles
2

Georgiev, Venelin. Comparative Analysis of Models for Assessing the Maturity of Cybersecurity Capabilities. Procon, 2021. http://dx.doi.org/10.11610/it4sec.0138.

Full text
APA, Harvard, Vancouver, ISO, and other styles
3

Cybersecurity: Are We Ready in Latin America and the Caribbean? Inter-American Development Bank, 2016. http://dx.doi.org/10.18235/0006517.

Full text
Abstract:
The manner in which nation states and regions address cybersecurity capacity is essential for effective, efficient, and sustainable cybersecurity. The 2016 Cybersecurity Report is the result of the collaboration between the Inter-American Development Bank (IDB), the Organization of American States (OAS), and the Global Cyber Security Capacity Centre (GCSCC) at the University of Oxford. The report presents a complete picture and update on the status of cybersecurity (risks, challenges, and opportunities) of Latin America and the Caribbean countries. The first section consists of a series of essays on cybersecurity trends in the region contributed by internationally recognized experts in the field. The second examines the "cyber maturity" of each country through the Cybersecurity Capability Maturity Model (CMM), which approaches cybersecurity considerations through five dimensions of capacity and evaluates them along five maturity stages for each of its 49 indicators. The CMM is the first of its kind in terms of the breadth and depth in each aspect of cybersecurity capacity. It is built on a foundation of multi-stakeholder consultation and respect for human rights, carefully balancing the need for security to enable economic growth and sustainability while respecting the right of freedom of expression and the right to privacy.
APA, Harvard, Vancouver, ISO, and other styles
You might also be interested in the extended bibliographies on the topic 'Cybersecurity maturity model' for particular source types:
Journal articles
We offer discounts on all premium plans for authors whose works are included in thematic literature selections. Contact us to get a unique promo code!

To the bibliography