Organisational Information Security Management Maturity Model

Zammani, Mazlina; Razali, Rozilawati; Singh, Dalbir

doi:10.14569/ijacsa.2021.0120974

Cited by 6 publications

(4 citation statements)

References 37 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…A few research articles highlighted the same CSMA framework. For instance, seven research articles [25,28,31,33,34,36,38] focused on the Cyber Security Capability Maturity Model (C2M2), whereas four research articles [27,29,34,38] utilized the Control Objectives for Information and Related Technologies (COBIT) Framework. Several research articles also repeated and described the same framework in their literature review.…”

Section: Rq1: What Are the Cyber Security Maturity Assessment (Csma) ...mentioning

confidence: 99%

“…Several research articles also repeated and described the same framework in their literature review. 7 Cyber Security Capability Maturity Model (C2M2) [25], [28], [31], [33], [34], [36], [38] 8 Information Security Management Maturity Model (ISM3) [25], [31], [34], [ RQ2: Are these CSMA frameworks targeted for implementation in technology startups?…”

Section: Rq1: What Are the Cyber Security Maturity Assessment (Csma) ...mentioning

confidence: 99%

“…Information Security Management Maturity Model (ISM3) [25], [31], [34], [38] 6 The Publisher's Programme Overview for Information Security Management Assistance (PRISMA) [25] 7…”

Section: Rq3: Do the Existing Csma Framework Assess The Cyber Securit...mentioning

confidence: 99%

See 2 more Smart Citations

Cyber Security Maturity Assessment Framework for Technology Startups: A Systematic Literature Review

et al. 2023

View full text Add to dashboard Cite

Cybersecurity has gained increasing interest among firms of different sizes and industries due to the significant rise of cyber-attacks over time. Technology start-ups are particularly vulnerable to cyberattacks, as appropriate security measures cannot be executed due to their limited human capital and financial resources to quantify cyber risks and allocate appropriate investments to cyber security. Focusing on technology start-ups, this study conducted a systematic literature review on cyber security maturity assessment frameworks. This study addressed five research questions on the existing cyber security maturity assessment frameworks in various industries, the target for implementation, cyber security maturity level, and shared control domains of these frameworks, and the quantification of the return of cyber security investments. Referring to the Preferred Reporting Items for Systematic Reviews and Meta-Analysis (PRISMA) checklist, a detailed analysis was performed on 23 published research articles (out of 1,772) from reputable journals and conference proceedings from January 2011 to June 2022. The obtained results revealed the lack of a cyber security maturity assessment framework for technology start-ups. Despite the similarities in the cyber security maturity level for certain frameworks, the results revealed no singular framework that can evaluate the cyber security maturity level for technology start-ups. The results further revealed the lack of studies on the quantification of the return of cyber security investments in an end-to-end cyber security maturity assessment framework for technology start-ups.INDEX TERMS Technology start-up; cyber security maturity; cyber security framework; cyber risk quantification; return of security investment

show abstract

Section: Rq1: What Are the Cyber Security Maturity Assessment (Csma) ...mentioning

confidence: 99%

Section: Rq1: What Are the Cyber Security Maturity Assessment (Csma) ...mentioning

confidence: 99%

See 1 more Smart Citation

Cyber Security Maturity Assessment Framework for Technology Startups: A Systematic Literature Review

et al. 2023

View full text Add to dashboard Cite

show abstract

“…Organisational Information Security Management Maturity Model [97] The paper discusses the importance of Information Security Management (ISM) in protecting the confidentiality, integrity, and availability of information in organizations. Despite compliance with ISM requirements, many organizations continue to suffer from security incidents, indicating low maturity levels in ISM implementation.…”

mentioning

confidence: 99%

AIM Triad: A Prioritization Strategy for Public Institutions to Improve Information Security Maturity

et al. 2023

View full text Add to dashboard Cite

In today’s world, private and government organizations are legally obligated to prioritize their information security. They need to provide proof that they are continually improving their cybersecurity compliance. One approach that can help organizations achieve this goal is implementing information security maturity models. These models provide a structured framework for measuring performance and implementing best practices. However, choosing a suitable model can be challenging, requiring cultural, process, and work practice changes. Implementing multiple models can be overwhelming, if possible. This article proposes a prioritization strategy for public institutions that want to improve their information security maturity. We thoroughly analyzed various sources through systematic mapping to identify critical similarities in information security maturity models. Our research led us to create the AIM (Awareness, Infrastructure, and Management) Triad. This triad is a practical guide for organizations to achieve maturity in information security practices.

show abstract

Maturity Model of Response Protocols to Ransomware Scenarios in the Mining Sector

Gomez,

Vargas,

Mansilla

2024

Communications in Computer and Information Science

View full text Add to dashboard Cite

Organisational Information Security Management Maturity Model

Cited by 6 publications

References 37 publications

Cyber Security Maturity Assessment Framework for Technology Startups: A Systematic Literature Review

Cyber Security Maturity Assessment Framework for Technology Startups: A Systematic Literature Review

AIM Triad: A Prioritization Strategy for Public Institutions to Improve Information Security Maturity

Maturity Model of Response Protocols to Ransomware Scenarios in the Mining Sector

Contact Info

Product

Resources

About