CIS-based security maturity assessment tool development

Date of Publication

7-21-2023

Document Type

Master's Thesis

Degree Name

Master in Information Security

Subject Categories

Information Security

College

College of Computer Studies

Department/Unit

Computer Technology

Thesis Advisor

Fritz Kevin Flores

Defense Panel Chair

Marnel Peradilla

Defense Panel Member

Fritz Kevin Flores
Christian Joseph Villapando

Abstract/Summary

Ensuring a solid security posture is critical for businesses of all sizes, and small and medium-sized businesses (SMBs) are no exception. Given the continually evolving threat landscape, SMBs must proactively protect their information assets against cyber threats. An essential element of such protection is the assessment and improvement of security maturity. Measuring the effectiveness of their current information security performance enables SMBs to allocate their cybersecurity resources toward areas that require improvement.

The paper discusses the development of a security maturity assessment tool based on the Center for Internet Security (CIS) Controls Implementation Group 1 (IG1) framework for SMBs. The project employs the CIS IG1 framework to identify relevant security controls, ensuring the tool developed is based on industry-standard best practices. The researcher uses a five-point Likert scale to assess each security control, ensuring the tool can provide relevant insights into an organization's security posture.

Using the identified maturity levels, SMBs can compare their security posture with industry peers, identify areas for improvement, and implement appropriate measures to enhance their security posture.

Abstract Format

html

Language

English

Format

Electronic

Physical Description

103, [20] leaves

Keywords

Computer security

Upload Full Text

wf_yes

Embargo Period

8-11-2023

This document is currently not available here.

Share

COinS