Cyber Security Maturity Assessment Framework for Technology Startups: A Systematic Literature Review

Kód výsledku v IS VaVaI

<a href="https://www.isvavai.cz/riv?ss=detail&h=RIV%2F62690094%3A18450%2F23%3A50019833" target="_blank" >RIV/62690094:18450/23:50019833 - isvavai.cz</a>

Výsledek na webu

<a href="https://ieeexplore.ieee.org/document/9989381" target="_blank" >https://ieeexplore.ieee.org/document/9989381</a>

DOI - Digital Object Identifier

<a href="http://dx.doi.org/10.1109/ACCESS.2022.3229766" target="_blank" >10.1109/ACCESS.2022.3229766</a>

Jazyk výsledku

angličtina

Název v původním jazyce

Cyber Security Maturity Assessment Framework for Technology Startups: A Systematic Literature Review

Popis výsledku v původním jazyce

Cybersecurity has gained increasing interest among firms of different sizes and industries due to the significant rise of cyber-attacks over time. Technology start-ups are particularly vulnerable to cyber-attacks, as appropriate security measures cannot be executed due to their limited human capital and financial resources to quantify cyber risks and allocate appropriate investments to cyber security. Focusing on technology start-ups, this study conducted a systematic literature review on cyber security maturity assessment frameworks. This study addressed five research questions on the existing cyber security maturity assessment frameworks in various industries, the target for implementation, cyber security maturity level, and shared control domains of these frameworks, and the quantification of the return of cyber security investments. Referring to the Preferred Reporting Items for Systematic Reviews and Meta-Analysis (PRISMA) checklist, a detailed analysis was performed on 23 published research articles (out of 1,772) from reputable journals and conference proceedings from January 2011 to June 2022. The obtained results revealed the lack of a cyber security maturity assessment framework for technology start-ups. Despite the similarities in the cyber security maturity level for certain frameworks, the results revealed no singular framework that can evaluate the cyber security maturity level for technology start-ups. The results further revealed the lack of studies on the quantification of the return of cyber security investments in an end-to-end cyber security maturity assessment framework for technology start-ups. Author

Název v anglickém jazyce

Cyber Security Maturity Assessment Framework for Technology Startups: A Systematic Literature Review

Popis výsledku anglicky

Cybersecurity has gained increasing interest among firms of different sizes and industries due to the significant rise of cyber-attacks over time. Technology start-ups are particularly vulnerable to cyber-attacks, as appropriate security measures cannot be executed due to their limited human capital and financial resources to quantify cyber risks and allocate appropriate investments to cyber security. Focusing on technology start-ups, this study conducted a systematic literature review on cyber security maturity assessment frameworks. This study addressed five research questions on the existing cyber security maturity assessment frameworks in various industries, the target for implementation, cyber security maturity level, and shared control domains of these frameworks, and the quantification of the return of cyber security investments. Referring to the Preferred Reporting Items for Systematic Reviews and Meta-Analysis (PRISMA) checklist, a detailed analysis was performed on 23 published research articles (out of 1,772) from reputable journals and conference proceedings from January 2011 to June 2022. The obtained results revealed the lack of a cyber security maturity assessment framework for technology start-ups. Despite the similarities in the cyber security maturity level for certain frameworks, the results revealed no singular framework that can evaluate the cyber security maturity level for technology start-ups. The results further revealed the lack of studies on the quantification of the return of cyber security investments in an end-to-end cyber security maturity assessment framework for technology start-ups. Author

Druh

J_imp - Článek v periodiku v databázi Web of Science

CEP obor

—

OECD FORD obor

10201 - Computer sciences, information science, bioinformathics (hardware development to be 2.2, social aspect to be 5.8)

Projekt

—

Návaznosti

I - Institucionalni podpora na dlouhodoby koncepcni rozvoj vyzkumne organizace

Rok uplatnění

2023

Kód důvěrnosti údajů

S - Úplné a pravdivé údaje o projektu nepodléhají ochraně podle zvláštních právních předpisů

Název periodika

IEEE Access

ISSN

2169-3536

e-ISSN

2169-3536

Svazek periodika

11

Číslo periodika v rámci svazku

January

Stát vydavatele periodika

US - Spojené státy americké

Počet stran výsledku

11

Strana od-do

5442-5452

Kód UT WoS článku

000918492200001

EID výsledku v databázi Scopus

2-s2.0-85144761804