CIS-based security maturity assessment tool development

Bibliographic Details
Main Author: Chavez, Joy Mae D.
Format: text
Language: English
Published: Animo Repository 2023
Subjects:
Online Access: https://animorepository.dlsu.edu.ph/etdm_comtech/25
Institution: De La Salle University
Description
Summary: Ensuring a solid security posture is critical for businesses of all sizes, and small and medium-sized businesses (SMBs) are no exception. Given the continually evolving threat landscape, SMBs must proactively protect their information assets against cyber threats. An essential element of such protection is the assessment and improvement of security maturity. Measuring the effectiveness of their current information security performance enables SMBs to allocate their cybersecurity resources toward areas that require improvement. The paper discusses the development of a security maturity assessment tool based on the Center for Internet Security (CIS) Controls Implementation Group 1 (IG1) framework for SMBs. The project employs the CIS IG1 framework to identify relevant security controls, ensuring the tool developed is based on industry-standard best practices. The researcher uses a five-point Likert scale to assess each security control, ensuring the tool can provide relevant insights into an organization's security posture. Using the identified maturity levels, SMBs can compare their security posture with industry peers, identify areas for improvement, and implement appropriate measures to enhance their security posture.