Objective: the goal of this research is to provide a conceptual model of cyber security maturity for the critical infrastructure of the country. Metodology: Based on this, by referring to upstream documents in the cyber field, reference cyber security maturity models, and using mixed research methods (quantitative and qualitative), we try to interpret the findings obtained from qualitative studies in an integrated manner with the aim of achieving a perceptual level and presenting a conceptual model. has been To identify dimensions, components and indicators, using theoretical literature and studying previous research, first 144 studies were evaluated using CASP tool and finally 21 studies were selected. Results: Selected studies were coded using MAXQDA software and finally 56 indicators were calculated. These indicators were shared with 16 experts through a questionnaire and the final indicators were extracted for model design. The obtained model includes three dimensions, 13 components and 56 indicators. Conclusion: Considering that the guidelines related to the maturity of cyber security must be complete and comprehensive in a way that includes all matters related to cyber security, therefore, it is possible to use the indicators calculated in this research the basis for compiling these guidelines.
Nye, J. Wan, J. (2006). The Rise of China’s Soft Power and Its Implications for the United Statesm, Richard Rosecrans and Gu Guoliang, Power and Restraint: A Shared Vision for the U.S.–China Relationship (New York: Public Affairs), 28-30.
ISO/IEC 27032:2012. (2012). Information technology – Security techniques – Guidelines for cybersecurity, https://www.iso.org/standard/44375.html 2023-02-03.
Bilge, S. Marco. (2019). A Questionnaire Model for Cybersecurity Maturity Assessment of Critical Infrastructures. In Springer Nature Switzerland AG Conference paper.
Bilge and Others. (2019). A vulnerability-driven cyber security maturity model for measuring national critical infrastructure protection preparedness, In international journal of critical infrastructure protection, ScinceDirect, Elsevier,47 – 59.
Ide. (2019). cybersecurity capability maturity model for critical information technology infrastructure among nigeria financial organizations. PhD. Thesis, Teknologi Malaysia Univ.
Saleh. (2021). Information Security Maturity Model”, In International Journal of Computer Science and Security. 316-337.
Karokola, S. Kowalski & L. Yngström. (2011). Towards an Information Security Maturity Model for Secure e-Government Services: A Stakeholders View, In Proceedings of the 5th HAISA2011, Conference.
Gillies. (2011). Improving the quality of information security management systems with ISO27000, In the TQM Journal, 23(4), 367–376.
W. Humphrey. (1989). Managing the Software Process, In Omega International Journals of Management Science.
Spruit and M. Roeling. (2014). ISFAM: the information security focus area maturity model, In Proceedings of the European Conference on Information Systems (ECIS).
B, White. (2007). The community cyber security maturity model, In IEEE International Conference on Technologies for Homeland Security, HST.
US Department of Homeland Security. (2014). Cybersecurity Capability Maturity Model: Version 1.0. White paper, Department of Homeland Security.
Ozkan, S. Lingen, M. Spruit. (2021). The Cybersecurity Focus Area Maturity (CYSFAM) Model, In Journal of Cybersecurity and Privacy, 119-139.
S Department of Energy. (2021). CyberSecurity Capability Maturity Model (C2M2), Office of Cybersecurity, Energy Security and Emergency Response.
Erwin, E. J., Brotherson, M. J. & Summers, J. A. (2011). Understanding Qualitative Metasynthesis: Issues and Opportunities in Early Childhood Intervention Research. Journal of Early Intervention, 33(3):186- 200.
Sandelowski, M. & Barroso, J. (2007) Handbook for synthesizing qualitative research. New York: Springer conference.
Akhtari, M., Keramati, M., & Mousavi, S. A. (2023). A conceptual model of cyber security maturity for the country's critical infrastructure. Defensive Future Studies, 8(29), 101-134. doi: 10.22034/dfsr.2023.2000852.1698
MLA
Mohamad Akhtari; MohamadAli Keramati; Seyedabdollah Amin Mousavi. "A conceptual model of cyber security maturity for the country's critical infrastructure". Defensive Future Studies, 8, 29, 2023, 101-134. doi: 10.22034/dfsr.2023.2000852.1698
HARVARD
Akhtari, M., Keramati, M., Mousavi, S. A. (2023). 'A conceptual model of cyber security maturity for the country's critical infrastructure', Defensive Future Studies, 8(29), pp. 101-134. doi: 10.22034/dfsr.2023.2000852.1698
VANCOUVER
Akhtari, M., Keramati, M., Mousavi, S. A. A conceptual model of cyber security maturity for the country's critical infrastructure. Defensive Future Studies, 2023; 8(29): 101-134. doi: 10.22034/dfsr.2023.2000852.1698
)