Authors: Durga Prasad Dube; R.P. Mohanty
Addresses: SOA Siksha 'O' Anusandhan, Deemed to be university, Bhubaneswar, Odisha, 751030, India ' SOA Siksha 'O' Anusandhan, Deemed to be university, Bhubaneswar, Odisha, 751030, India
Abstract: Business processes are increasingly becoming technology driven. Disruptive technologies like social, mobility, analytics and cloud (SMAC) and internet of things (IOTs) have made a paradigm shift in the information technology space. With this evolution, the cyber security threats to digital infrastructure also have been increasing manifold and are a concern for the sustenance of business growth scenario. There is a need for a continuous improvement program in the cyber security posture of the organisations to keep pace with the increasing threats. Capability maturity models help to achieve this purpose. This paper presents the formulation and validation of a new cyber security capability maturity model (CSCMM) by comparing the strengths and limitations of nine contemporary maturity models and performing an empirical analysis of inputs from 200 odd relevant cross industry sector professionals. CSCMM is expected to improve the cyber security posture of the organisations to combat to the new generation threats.
Keywords: information security; security controls; cyber security; continuous improvement plan; CIP; maturity model.
International Journal of Business Information Systems, 2020 Vol.34 No.1, pp.104 - 127
Received: 23 Jan 2018
Accepted: 24 May 2018
Published online: 21 Apr 2020 *