A New Adaptive Cyber-security Capability Maturity Model

One of the key indicators of success in deploying business processes in organizations is to pay attention to the organization's current status and its proper targeting for the future. As our need to continuous planning and improvement, the maturity model is presented as a continuous and level-based performance evaluation tool. This model shows not only the current situation, but also the closest and most desirable situation for managers. Also, maturity model determines the amount of progress based on set of specific criteria. Since security is known as a process not a product, the maturity model is also used to measure the level of organization's security. Today, because of the growing importance of security, identifying the factors that can be used to assess the level of cyber security is the ability that organizations are trying to achieve. In this paper, based on the conditions of information security and technology maturity, examining different maturity models and reviewing content literature, we propose a comprehensive framework to defining the criteria for evaluation of organizational maturity.