AIM Triad: A Prioritization Strategy for Public Institutions to Improve Information Security Maturity
In today’s world, private and government organizations are legally obligated to prioritize their information security. They need to provide proof that they are continually improving their cybersecurity compliance. One approach that can help organizations achieve this goal is implementing information...
Main Authors: | , , , |
---|---|
Format: | Article |
Language: | English |
Published: |
MDPI AG
2023-07-01
|
Series: | Applied Sciences |
Subjects: | |
Online Access: | https://www.mdpi.com/2076-3417/13/14/8339 |
_version_ | 1797590369931624448 |
---|---|
author | Jorge Hochstetter-Diez Mauricio Diéguez-Rebolledo Julio Fenner-López Cristina Cachero |
author_facet | Jorge Hochstetter-Diez Mauricio Diéguez-Rebolledo Julio Fenner-López Cristina Cachero |
author_sort | Jorge Hochstetter-Diez |
collection | DOAJ |
description | In today’s world, private and government organizations are legally obligated to prioritize their information security. They need to provide proof that they are continually improving their cybersecurity compliance. One approach that can help organizations achieve this goal is implementing information security maturity models. These models provide a structured framework for measuring performance and implementing best practices. However, choosing a suitable model can be challenging, requiring cultural, process, and work practice changes. Implementing multiple models can be overwhelming, if possible. This article proposes a prioritization strategy for public institutions that want to improve their information security maturity. We thoroughly analyzed various sources through systematic mapping to identify critical similarities in information security maturity models. Our research led us to create the AIM (Awareness, Infrastructure, and Management) Triad. This triad is a practical guide for organizations to achieve maturity in information security practices. |
first_indexed | 2024-03-11T01:20:34Z |
format | Article |
id | doaj.art-589c803c077048db9f0587f4a29e6cb8 |
institution | Directory Open Access Journal |
issn | 2076-3417 |
language | English |
last_indexed | 2024-03-11T01:20:34Z |
publishDate | 2023-07-01 |
publisher | MDPI AG |
record_format | Article |
series | Applied Sciences |
spelling | doaj.art-589c803c077048db9f0587f4a29e6cb82023-11-18T18:11:43ZengMDPI AGApplied Sciences2076-34172023-07-011314833910.3390/app13148339AIM Triad: A Prioritization Strategy for Public Institutions to Improve Information Security MaturityJorge Hochstetter-Diez0Mauricio Diéguez-Rebolledo1Julio Fenner-López2Cristina Cachero3Departamento Ciencias de la Computación e Informática (DCI), Universidad de La Frontera, Temuco 481-1230, ChileDepartamento Ciencias de la Computación e Informática (DCI), Universidad de La Frontera, Temuco 481-1230, ChileDepartamento Ciencias de la Computación e Informática (DCI), Universidad de La Frontera, Temuco 481-1230, ChileAdvanced Development and Empirical Research on Software (ALISoft), Universidad de Alicante, 03080 Alicante, SpainIn today’s world, private and government organizations are legally obligated to prioritize their information security. They need to provide proof that they are continually improving their cybersecurity compliance. One approach that can help organizations achieve this goal is implementing information security maturity models. These models provide a structured framework for measuring performance and implementing best practices. However, choosing a suitable model can be challenging, requiring cultural, process, and work practice changes. Implementing multiple models can be overwhelming, if possible. This article proposes a prioritization strategy for public institutions that want to improve their information security maturity. We thoroughly analyzed various sources through systematic mapping to identify critical similarities in information security maturity models. Our research led us to create the AIM (Awareness, Infrastructure, and Management) Triad. This triad is a practical guide for organizations to achieve maturity in information security practices.https://www.mdpi.com/2076-3417/13/14/8339maturity modelcybersecurityinformation security |
spellingShingle | Jorge Hochstetter-Diez Mauricio Diéguez-Rebolledo Julio Fenner-López Cristina Cachero AIM Triad: A Prioritization Strategy for Public Institutions to Improve Information Security Maturity Applied Sciences maturity model cybersecurity information security |
title | AIM Triad: A Prioritization Strategy for Public Institutions to Improve Information Security Maturity |
title_full | AIM Triad: A Prioritization Strategy for Public Institutions to Improve Information Security Maturity |
title_fullStr | AIM Triad: A Prioritization Strategy for Public Institutions to Improve Information Security Maturity |
title_full_unstemmed | AIM Triad: A Prioritization Strategy for Public Institutions to Improve Information Security Maturity |
title_short | AIM Triad: A Prioritization Strategy for Public Institutions to Improve Information Security Maturity |
title_sort | aim triad a prioritization strategy for public institutions to improve information security maturity |
topic | maturity model cybersecurity information security |
url | https://www.mdpi.com/2076-3417/13/14/8339 |
work_keys_str_mv | AT jorgehochstetterdiez aimtriadaprioritizationstrategyforpublicinstitutionstoimproveinformationsecuritymaturity AT mauriciodieguezrebolledo aimtriadaprioritizationstrategyforpublicinstitutionstoimproveinformationsecuritymaturity AT juliofennerlopez aimtriadaprioritizationstrategyforpublicinstitutionstoimproveinformationsecuritymaturity AT cristinacachero aimtriadaprioritizationstrategyforpublicinstitutionstoimproveinformationsecuritymaturity |