• KSII Transactions on Internet and Information Systems
    Monthly Online Journal (eISSN: 1976-7277)

Advanced approach to information security management system utilizing maturity models in critical infrastructure

Vol. 12, No. 10, October 30, 2018
10.3837/tiis.2018.10.020, Download Paper (Free):

Abstract

As the area covered by the CPS grows wider, agencies such as public institutions and critical infrastructure are collectively measuring and evaluating information security capabilities. Currently, these methods of measuring information security are a concrete method of recommendation in related standards. However, the security controls used in these methods are lacking in connectivity, causing silo effect. In order to solve this problem, there has been an attempt to study the information security management system in terms of maturity. However, to the best of our knowledge, no research has considered the specific definitions of each level that measures organizational security maturity or specific methods and criteria for constructing such levels. This study developed an information security maturity model that can measure and manage the information security capability of critical infrastructure based on information provided by an expert critical infrastructure information protection group. The proposed model is simulated using the thermal power sector in critical infrastructure of the Republic of Korea to confirm the possibility of its application to the field and derive core security processes and goals that constitute infrastructure security maturity. The findings will be useful for future research or practical application of infrastructure ISMSs.


Statistics

Show / Hide Statistics

Statistics (Cumulative Counts from December 1st, 2015)
Multiple requests among the same browser session are counted as one view.
If you mouse over a chart, the values of data points will be shown.


Cite this article

[IEEE Style]
Y. You, J. Oh, S. Kim, K. Lee, "Advanced approach to information security management system utilizing maturity models in critical infrastructure," KSII Transactions on Internet and Information Systems, vol. 12, no. 10, pp. 4995-5014, 2018. DOI: 10.3837/tiis.2018.10.020.

[ACM Style]
Youngin You, Junhyoung Oh, Sooheon Kim, and Kyungho Lee. 2018. Advanced approach to information security management system utilizing maturity models in critical infrastructure. KSII Transactions on Internet and Information Systems, 12, 10, (2018), 4995-5014. DOI: 10.3837/tiis.2018.10.020.

[BibTeX Style]
@article{tiis:21904, title="Advanced approach to information security management system utilizing maturity models in critical infrastructure", author="Youngin You and Junhyoung Oh and Sooheon Kim and Kyungho Lee and ", journal="KSII Transactions on Internet and Information Systems", DOI={10.3837/tiis.2018.10.020}, volume={12}, number={10}, year="2018", month={October}, pages={4995-5014}}