A Cybersecurity Maturity Model and Toolkit for Self-assessment
Abstract
Cybersecurity landscape is evolving rapidly, and the threats associated with it are not new to most organizations in Kenya, be it small, medium, or large. With the rise of cyber risks such as high-profile cyber-attacks and data breaches, businesses across all industries have stepped up and are making cybersecurity a top priority and a key objective. Conducting a cyber maturity assessment for an organization provides an assurance to the board of directors, senior management, employees, clients, and any other stakeholder on the ability to protect information assets and its preparedness against cyber threats. With this in place, an organization can identify, assess, prioritize, and mitigate its cybersecurity risks in a timely manner.
This study proposes a framework and a toolkit that is meant to help organizations conduct assessments that is crucial in providing informed overview of the organization’s cybersecurity posture and data for cybersecurity-related decisions. The toolkit exists in Microsoft Excel that has been designed to have IT security controls that can be implemented to ensure a sound information security management program by organizations. This has been automated into a prototype that will enable a cloud-based assessment to organizations through a software as a service (SaaS) platform.
Publisher
University of Nairobi
Rights
Attribution-NonCommercial-NoDerivs 3.0 United StatesUsage Rights
http://creativecommons.org/licenses/by-nc-nd/3.0/us/Collections
The following license files are associated with this item: