A Conceptual Consumer Data Protection Maturity Model for Government Adoption: South African Context

“…The Identity Management and Access Control objective complements the practices declared in ISO 29146, NIST SP 800-205 and the ISO 24760 family, for which reason it proposes the following capabilities: 55) Management of identities and credentials for users and devices [99]; 56) Access and Physical Protection [100]; 57) Remote Access [101]; 58) Permits with less privilege and segregation of duties [102]; 59) Integrity and Segregation [103] In the Protective Technology objective, recommended practices are included in NIST SP 800-160, NIST SP 800-40, NIST SP 800-86, CMMi, ISO 62443 data protection [106], the maturity model for web applications against cyber-attacks based on in OSWAP [107], and the Action Plan for the implementation of an ICAO Cybersecurity Strategy, the proposed capabilities are: 69) Cryptography [108]; 70) Personnel and Assignment of Cybersecurity Roles [109]; 71) Security in Unattended Systems and Unconnected Assets [110]; 72) Resilience in capacity to ensure availability [111]; 73) Baseline and Update [112]; 74) Vulnerability Management [113]; 75) Guarantee of Integrity and Non-repudiation [114]; 76) Safeguards [115]; 77) Antivirus Protection [116] [117]; 87) Firewall, protection of networks and communications [59]; 88) Deployment Resilience Techniques [118]; 89) Technology Monitoring [119] and 90) Security Architecture [120].…”

Aeronautic maturity cybersecurity: a framework

“…The Identity Management and Access Control objective complements the practices declared in ISO 29146, NIST SP 800-205 and the ISO 24760 family, for which reason it proposes the following capabilities: 55) Management of identities and credentials for users and devices [99]; 56) Access and Physical Protection [100]; 57) Remote Access [101]; 58) Permits with less privilege and segregation of duties [102]; 59) Integrity and Segregation [103] In the Protective Technology objective, recommended practices are included in NIST SP 800-160, NIST SP 800-40, NIST SP 800-86, CMMi, ISO 62443 data protection [106], the maturity model for web applications against cyber-attacks based on in OSWAP [107], and the Action Plan for the implementation of an ICAO Cybersecurity Strategy, the proposed capabilities are: 69) Cryptography [108]; 70) Personnel and Assignment of Cybersecurity Roles [109]; 71) Security in Unattended Systems and Unconnected Assets [110]; 72) Resilience in capacity to ensure availability [111]; 73) Baseline and Update [112]; 74) Vulnerability Management [113]; 75) Guarantee of Integrity and Non-repudiation [114]; 76) Safeguards [115]; 77) Antivirus Protection [116] [117]; 87) Firewall, protection of networks and communications [59]; 88) Deployment Resilience Techniques [118]; 89) Technology Monitoring [119] and 90) Security Architecture [120].…”

Aeronautic maturity cybersecurity: a framework

“…Despite compliance with ISM requirements, many organizations continue to suffer from security incidents, indicating low maturity levels in ISM implementation. 53 Personal data protection maturity model for the micro financial sector in Peru [98] The microfinance sector is crucial for the economic development of developing countries, as it promotes the integration and growth of all social classes. With the increasing volume of data generated by transactions and operations in this sector, it is important to manage personal data privacy policies effectively to comply with regulations, make informed decisions, and improve processes.…”

AIM Triad: A Prioritization Strategy for Public Institutions to Improve Information Security Maturity