Part of the book series: Advances in Intelligent Systems and Computing (AISC, volume 615)

Abstract

In this paper, we propose an entry-level methodology for determining an Information Security Maturity Level. The methodology is based on the analysis of three axes and three functional areas (people, processes and technology) and aims to be a first approach, with simple language and a focus on the recipient, to the quantitative measurement of potential security risks. The methodology has been applied in a real context, and the results reveal its usefulness. The maturity level is simple to understand, which facilitates the spread of a security awareness culture while allowing organisations to plan the activities necessary to mitigate security threats.


Corresponding author

Correspondence to João Paulo Magalhães.

Copyright information

© 2017 Springer International Publishing AG

About this paper

Cite this paper

Monteiro, S., Magalhães, J.P. (2017). Information Security Maturity Level: A Fast Assessment Methodology. In: De Paz, J., Julián, V., Villarrubia, G., Marreiros, G., Novais, P. (eds) Ambient Intelligence – Software and Applications – 8th International Symposium on Ambient Intelligence (ISAmI 2017). ISAmI 2017. Advances in Intelligent Systems and Computing, vol 615. Springer, Cham. https://doi.org/10.1007/978-3-319-61118-1_33

  • DOI: https://doi.org/10.1007/978-3-319-61118-1_33

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-61117-4

  • Online ISBN: 978-3-319-61118-1

  • eBook Packages: Engineering, Engineering (R0)
