CIS-based security maturity assessment tool development
Date of Publication
7-21-2023
Document Type
Master's Thesis
Degree Name
Master in Information Security
Subject Categories
Information Security
College
College of Computer Studies
Department/Unit
Computer Technology
Thesis Advisor
Fritz Kevin Flores
Defense Panel Chair
Marnel Peradilla
Defense Panel Member
Fritz Kevin Flores
Christian Joseph Villapando
Abstract/Summary
Ensuring a solid security posture is critical for businesses of all sizes, and small and medium-sized businesses (SMBs) are no exception. Given the continually evolving threat landscape, SMBs must proactively protect their information assets against cyber threats. An essential element of such protection is the assessment and improvement of security maturity. Measuring the effectiveness of their current information security performance enables SMBs to allocate their cybersecurity resources toward areas that require improvement.
The paper discusses the development of a security maturity assessment tool based on the Center for Internet Security (CIS) Controls Implementation Group 1 (IG1) framework for SMBs. The project employs the CIS IG1 framework to identify relevant security controls, ensuring the tool developed is based on industry-standard best practices. The researcher uses a five-point Likert scale to assess each security control, ensuring the tool can provide relevant insights into an organization's security posture.
Using the identified maturity levels, SMBs can compare their security posture with industry peers, identify areas for improvement, and implement appropriate measures to enhance their security posture.
Abstract Format
html
Language
English
Format
Electronic
Physical Description
103, [20] leaves
Keywords
Computer security
Recommended Citation
Chavez, J. D. (2023). CIS-based security maturity assessment tool development. Retrieved from https://animorepository.dlsu.edu.ph/etdm_comtech/25
Upload Full Text
wf_yes
Embargo Period
8-11-2023