Towards development of a cyber security capability maturity model

摘要

Business processes are increasingly becoming technology driven. Disruptive technologies like social, mobility, analytics and cloud (SMAC) and internet of things (IOTs) have made a paradigm shift in the information technology space. With this evolution, the cyber security threats to digital infrastructure also have been increasing manifold and are a concern for the sustenance of business growth scenario. There is a need for a continuous improvement program in the cyber security posture of the organisations to keep pace with the increasing threats. Capability maturity models help to achieve this purpose. This paper presents the formulation and validation of a new cyber security capability maturity model (CSCMM) by comparing the strengths and limitations of nine contemporary maturity models and performing an empirical analysis of inputs from 200 odd relevant cross industry sector professionals. CSCMM is expected to improve the cyber security posture of the organisations to combat to the new generation threats.