Title :
A dynamic capability maturity model for improving cyber security
Author :
Adler, Richard M.
Author_Institution :
Comput. Soc., DecisionPath, Inc., Winchester, MA, USA
Abstract :
Cyber attacks continue to proliferate, with increasing sophistication and severity. Businesses and government agencies must establish robust governance, cultures, and data management processes to minimize vulnerability to such threats and ensure effective responses. Capability Maturity Models (CMMs) have been proposed to address this critical need; they enable organizations to benchmark their Cyber Security processes against a framework of recognized best practices. Unfortunately, CMMs are inherently static and diagnostic: they help identify maturity gaps, but are not directly actionable. This paper describes how to extend an existing Cyber Security CMM into a dynamic performance management framework through an intuitive Model-Simulate-Analyze methodology. This software-based framework enables organizations to formulate plans for improving their Cyber Security maturity levels; test and validate or refine those plans prior to roll-out; and monitor execution results to detect emerging problems and make appropriate mid-course adjustments to ensure success.
Keywords :
Capability Maturity Model; business data processing; government data processing; security of data; business agencies; cyber security CMM; cyber security maturity levels; data management; dynamic capability maturity model; dynamic performance management framework; government agencies; model-simulate-analyze methodology; software-based framework; Capability maturity model; Computer security; Coordinate measuring machines; Government; Object oriented modeling; Capability Maturity Model; Cyber Security; Decision support systems; Modeling and Simulation;
Conference_Titel :
Technologies for Homeland Security (HST), 2013 IEEE International Conference on
Conference_Location :
Waltham, MA
Print_ISBN :
978-1-4799-3963-3
DOI :
10.1109/THS.2013.6699005
