Next Article in Journal / Special Issue
Sharing Machine Learning Models as Indicators of Compromise for Cyber Threat Intelligence
Previous Article in Journal
A Cryptography-Powered Infrastructure to Ensure the Integrity of Robot Workflows
Previous Article in Special Issue
Blockchain Technology: Emerging Applications and Use Cases for Secure and Trustworthy Smart Systems
Article

The Cybersecurity Focus Area Maturity (CYSFAM) Model

1
Department of Information and Computing Sciences, Utrecht University, Princetonplein 5, 3584 CC Utrecht, The Netherlands
2
Leiden Institute of Advanced Computer Science, Leiden University, Niels Bohrweg 1, 2333 CA Leiden, The Netherlands
3
Public Health and Primary Care, Leiden University Medical Center, Campus The Hague, Turfmarkt 99, 2511 DP The Hague, The Netherlands
*
Author to whom correspondence should be addressed.
J. Cybersecur. Priv. 2021, 1(1), 119-139; https://doi.org/10.3390/jcp1010007
Received: 25 December 2020 / Revised: 21 January 2021 / Accepted: 4 February 2021 / Published: 13 February 2021
The cost of recovery after a cybersecurity attack is likely to be high and may result in the loss of business at the extremes. Evaluating the acquired cybersecurity capabilities and evolving them to a desired state in consideration of risks are inevitable. This research proposes the CYberSecurity Focus Area Maturity (CYSFAM) Model for assessing cybersecurity capabilities. In this design science research, CYSFAM was evaluated at a large financial institution. From the many cybersecurity standards, 11 encompassing focus areas were identified. An assessment instrument—containing 144 questions—was developed. The in-depth single case study demonstrates how and to what extent cybersecurity related deficiencies can be identified. The novel scoring metric has been proven to be adequate, but can be further improved upon. The evaluation results show that the assessment questions suit the case study target audience; the assessment can be performed within four hours; the organization recognizes itself in the result. View Full-Text
Keywords: cybersecurity; cybersecurity risk assessment; cybersecurity capability improvement; cyber-risks; cyber-attacks; design science research; standards cybersecurity; cybersecurity risk assessment; cybersecurity capability improvement; cyber-risks; cyber-attacks; design science research; standards
Show Figures

Figure 1

MDPI and ACS Style

Yigit Ozkan, B.; van Lingen, S.; Spruit, M. The Cybersecurity Focus Area Maturity (CYSFAM) Model. J. Cybersecur. Priv. 2021, 1, 119-139. https://doi.org/10.3390/jcp1010007

AMA Style

Yigit Ozkan B, van Lingen S, Spruit M. The Cybersecurity Focus Area Maturity (CYSFAM) Model. Journal of Cybersecurity and Privacy. 2021; 1(1):119-139. https://doi.org/10.3390/jcp1010007

Chicago/Turabian Style

Yigit Ozkan, Bilge, Sonny van Lingen, and Marco Spruit. 2021. "The Cybersecurity Focus Area Maturity (CYSFAM) Model" Journal of Cybersecurity and Privacy 1, no. 1: 119-139. https://doi.org/10.3390/jcp1010007

Find Other Styles

Article Access Map by Country/Region

1
Back to TopTop