Comparative Analysis of Models for Assessing the Maturity of Cybersecurity Capabilities
Source:IT4Sec Reports, Number 138 (2021)
Keywords:assessment, capabilities, cyber resilience, Cybersecurity, cybersecurity areas, maturity level, measurement
The examination of all issues of interest in the field of cybersecurity, cyber resilience and the fight against cybercrime can be focused on one term, and that is the term cybersecurity capabilities. Cybersecurity capabilities demonstrate the ability to implement policies, standards, guidelines, and operational procedures for the security of information systems, networks, applications, and information. In turn, cybersecurity capabilities are a dynamic object that is built, maintained, developed, modified and adapted to the changing security environment. The dynamics of security capabilities require measuring the degree of their maturity and comparing them with the target levels. This report provides a comparative analysis of existing models for assessing the maturity of cybersecurity capabilities, thus creating an opportunity for a reasonable choice of such a method for the needs of specific assessment.