KuppingerCole Report
Advisory Note
By Mike Small

Maturity Level Matrix for Cyber Security

KuppingerCole Maturity Level Matrixes for the major market segments within cyber security. These provide the foundation for rating the current state of your cyber security projects and programs.
By
sm@kuppingercole.com

Content of Figures

  1. Figure 1 Hybrid IT Security Architecture
  2. Figure 2 Symbols representing attribute levels

1 KuppingerCole Maturity Level Matrix - How to use this document

Most organizations now critically depend upon IT services to operate and are therefore their business is vulnerable to cyber security incidents. This ...

Login Free 30-day Select Access Get full Access

1.1 Why Cyber Security projects need regular reviews

Business objectives, organizational best practices and technologies are constantly evolving. It is essential to continuously review your organization/em> ...

Login Free 30-day Select Access Get full Access

1.2 How to use the KuppingerCole Maturity Level Matrixes

The KuppingerCole Maturity Level Matrixes are tools for analysing the current state of IT programs and projects.

They provide information about leve ...

4. Level 4 – is characterized by a higher level of automation and efficiency. In effect the processes defined for Level 3 are automated where prac ...

5. Level 5 – is the optimal level. It builds upon the processes and technologies described in Level 4.

  • Level 5 Business and Organizational Att ...

Login Free 30-day Select Access Get full Access

1.3 Key Support Attributes

In addition to the CMM model there are six additional Key Support Attributes.

These attributes are different for the organizational and the technolo ...

Architecture Data and Access Application Security Network Security Compute and Storage Security Physical Security
A security ...

The maturity of the above six supporting attributes are visually displayed, as described in the figure above. Where the shape fill is green this indic ...

Login Free 30-day Select Access Get full Access

1.4 Using the Matrix and Supporting Attributes

As an example, the CISO of an organization is conducting a review of its overall cyber security program and security posture. The purpose of this revi ...

Login Free 30-day Select Access Get full Access

2 The Cyber Security Matrixes

The following sections contain two Maturity Level Matrixes for cyber security, and covers:

  • Organization / Business cyber security Maturity
  • Cyber ...
Login Free 30-day Select Access Get full Access

2.1 Organizational / Business Cyber Security Maturity

The chart below depicts typical, exemplary characteristics and attributes of an organizational / business cyber security maturity of an organization r ...

Login Free 30-day Select Access Get full Access

2.2 Cyber Security Technology Maturity

The chart below depicts typical, exemplary characteristics and attributes of the cyber security technology maturity of an organization rated from Leve ...

Login Free 30-day Select Access Get full Access

3 Related Research

Advisory Note: Architecture Blueprint Hybrid Cloud Security - 72552
Advisory Note: KRIs and KPI for Access Governance - 72559
Leadership Brief: Product Security as Your Biggest Challenge: Start Before It’s Too Late - 72011
Leadership Brief: A Practical Approach to Enterprise Security Architecture (ESA) - 70222
Advisory Note: GRC Reference Architecture - 72582
Architecture Blueprint: Access Governance and Privilege Management - 79045
Advisory Note: Cloud Services and Security - 72561

Copyright

©2020 KuppingerCole Analysts AG all rights reserved. Reproduction and distribution of this publication in any form is forbidden unless prior written permission. All conclusions, recommendations and predictions in this document represent KuppingerCole´s initial view. Through gathering more information and performing deep analysis, positions presented in this document will be subject to refinements or even major changes. KuppingerCole disclaim all warranties as to the completeness, accuracy and/or adequacy of this information. Even if KuppingerCole research documents may discuss legal issues related to information security and technology, KuppingerCole do not provide any legal services or advice and its publications shall not be used as such. KuppingerCole shall have no liability for errors or inadequacies in the information contained in this document. Any opinion expressed may be subject to change without notice. All product and company names are trademarksTM or registered® trademarks of their respective holders. Use of them does not imply any affiliation with or endorsement by them.

KuppingerCole Analysts support IT professionals with outstanding expertise in defining IT strategies and in relevant decision-making processes. As a leading analyst ompany, KuppingerCole provides first-hand vendor-neutral information. Our services allow you to feel comfortable and secure in taking decisions essential to your business.

KuppingerCole Analysts, founded in 2004, is a global analyst company headquartered in Europe focusing on Information Security and Identity and Access Management (IAM). KuppingerCole stands for expertise, thought leadership, outstanding practical relevance, and a vendor-neutral view on the information security market segments, covering all relevant aspects like: Identity and Access Management (IAM), Governance & Auditing Tools, Cloud and Virtualization Security, Information Protection, Mobile as well as Software Security, System and Network Security, Security Monitoring, Analytics & Reporting, Governance, and Organization & Policies.

For further information, please contact clients@kuppingercole.com.

top