Title: Towards development of a cyber security capability maturity model

Authors: Durga Prasad Dube; R.P. Mohanty

Addresses: SOA Siksha 'O' Anusandhan, Deemed to be university, Bhubaneswar, Odisha, 751030, India ' SOA Siksha 'O' Anusandhan, Deemed to be university, Bhubaneswar, Odisha, 751030, India

Abstract: Business processes are increasingly becoming technology driven. Disruptive technologies like social, mobility, analytics and cloud (SMAC) and internet of things (IOTs) have made a paradigm shift in the information technology space. With this evolution, the cyber security threats to digital infrastructure also have been increasing manifold and are a concern for the sustenance of business growth scenario. There is a need for a continuous improvement program in the cyber security posture of the organisations to keep pace with the increasing threats. Capability maturity models help to achieve this purpose. This paper presents the formulation and validation of a new cyber security capability maturity model (CSCMM) by comparing the strengths and limitations of nine contemporary maturity models and performing an empirical analysis of inputs from 200 odd relevant cross industry sector professionals. CSCMM is expected to improve the cyber security posture of the organisations to combat to the new generation threats.

Keywords: information security; security controls; cyber security; continuous improvement plan; CIP; maturity model.

DOI: 10.1504/IJBIS.2020.10014790

International Journal of Business Information Systems, 2020 Vol.34 No.1, pp.104 - 127

Received: 23 Jan 2018
Accepted: 24 May 2018

Published online: 21 Apr 2020 *

Full-text access for editors Access for subscribers Purchase this article Comment on this article