{"title":"适应网络安全成熟度模型的资源约束设置:秘鲁的案例研究","authors":"GangSeok Lee, SuHyun Kim, ImYoung Lee, Suzana Brown, Yuri Aldoradin Carbajal","doi":"10.1002/isd2.12350","DOIUrl":null,"url":null,"abstract":"<p>Developing countries are rapidly embracing digitalization, but this exposes them to heightened cybersecurity risks. They often look to standard established cybersecurity models from developed countries to build their national defenses. However, significant developmental, political, social, and economic differences can render these models unsuitable for developing countries. This study addresses this gap by proposing a new framework that would be more useful in a developing country context. We first examine existing cybersecurity maturity models (CMMs) and metrics. Through a case study of Peru's national computer security incident response team (CSIRT), we assess the applicability of the security incident management maturity model (SIM3) and the security operation center CMM (SOC-CMM) frameworks. By applying these frameworks to the Peruvian context, we identify limitations in standard maturity models for developing countries. In response, we propose a novel framework that allows developing countries like Peru to leverage existing models by tailoring them to their specific environment. This tailored approach can be a powerful tool for developing countries to improve and build their cybersecurity on a national level.</p>","PeriodicalId":46610,"journal":{"name":"Electronic Journal of Information Systems in Developing Countries","volume":"91 1","pages":""},"PeriodicalIF":1.1000,"publicationDate":"2024-10-22","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://onlinelibrary.wiley.com/doi/epdf/10.1002/isd2.12350","citationCount":"0","resultStr":"{\"title\":\"Adapting cybersecurity maturity models for resource-constrained settings: A case study of Peru\",\"authors\":\"GangSeok Lee, SuHyun Kim, ImYoung Lee, Suzana Brown, Yuri Aldoradin Carbajal\",\"doi\":\"10.1002/isd2.12350\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"<p>Developing countries are rapidly embracing digitalization, but this exposes them to heightened cybersecurity risks. They often look to standard established cybersecurity models from developed countries to build their national defenses. However, significant developmental, political, social, and economic differences can render these models unsuitable for developing countries. This study addresses this gap by proposing a new framework that would be more useful in a developing country context. We first examine existing cybersecurity maturity models (CMMs) and metrics. Through a case study of Peru's national computer security incident response team (CSIRT), we assess the applicability of the security incident management maturity model (SIM3) and the security operation center CMM (SOC-CMM) frameworks. By applying these frameworks to the Peruvian context, we identify limitations in standard maturity models for developing countries. In response, we propose a novel framework that allows developing countries like Peru to leverage existing models by tailoring them to their specific environment. This tailored approach can be a powerful tool for developing countries to improve and build their cybersecurity on a national level.</p>\",\"PeriodicalId\":46610,\"journal\":{\"name\":\"Electronic Journal of Information Systems in Developing Countries\",\"volume\":\"91 1\",\"pages\":\"\"},\"PeriodicalIF\":1.1000,\"publicationDate\":\"2024-10-22\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"https://onlinelibrary.wiley.com/doi/epdf/10.1002/isd2.12350\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Electronic Journal of Information Systems in Developing Countries\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://onlinelibrary.wiley.com/doi/10.1002/isd2.12350\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q2\",\"JCRName\":\"SOCIAL SCIENCES, INTERDISCIPLINARY\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Electronic Journal of Information Systems in Developing Countries","FirstCategoryId":"1085","ListUrlMain":"https://onlinelibrary.wiley.com/doi/10.1002/isd2.12350","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q2","JCRName":"SOCIAL SCIENCES, INTERDISCIPLINARY","Score":null,"Total":0}
Adapting cybersecurity maturity models for resource-constrained settings: A case study of Peru
Developing countries are rapidly embracing digitalization, but this exposes them to heightened cybersecurity risks. They often look to standard established cybersecurity models from developed countries to build their national defenses. However, significant developmental, political, social, and economic differences can render these models unsuitable for developing countries. This study addresses this gap by proposing a new framework that would be more useful in a developing country context. We first examine existing cybersecurity maturity models (CMMs) and metrics. Through a case study of Peru's national computer security incident response team (CSIRT), we assess the applicability of the security incident management maturity model (SIM3) and the security operation center CMM (SOC-CMM) frameworks. By applying these frameworks to the Peruvian context, we identify limitations in standard maturity models for developing countries. In response, we propose a novel framework that allows developing countries like Peru to leverage existing models by tailoring them to their specific environment. This tailored approach can be a powerful tool for developing countries to improve and build their cybersecurity on a national level.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
