Cybersecurity Maturity Assessment of Information Systems for Yemen Telecoms

Authors

  • Abdulkarem Yahya Abohatem Information System Department, Faculty of Computer and Information Technology Sana’a University, Yemen
  • Fadl Mutaher Ba-Alwi Information System Department, Faculty of Computer and Information Technology Sana’a University, Yemen

Keywords:

Yemen Telecoms, Information Systems, cybersecurity maturity, Maturity assessments, Security measures

Abstract

With the use of several standards, this study seeks to ascertain Yemen Telecoms' level of maturity and assess the efficacy of information systems protection. Specialist information and recurring technical reports were used to gather the data, which was then compared to the international standard required to determine the maturity level. Strong cybersecurity procedures must be in place since cybersecurity threats are becoming more frequent and complicated. Although Yemen Telecoms has put in place a number of cybersecurity measures, our analysis shows that its information system protection rules and procedures still have holes. Choosing the best cybersecurity framework will also be aided by the study. In order to effectively defend Yemen Telecoms against cyber threats, we offer suggestions for bolstering the cybersecurity information systems.

Downloads

Download data is not yet available.

References

D. P. Dube and R. J. I. J. o. B. I. S. Mohanty,” Towards the development of a cyber security capability maturity model,” vol. 34, no. 1, pp. 104-127, 2020.

A. Garba, M. M. Siraj, and S. H. J. A. S. T. E. S. J. Othman,” An explanatory review on cybersecurity capability maturity models,” vol. 5, no. 4, pp. 762-769, 2020.

O. M. Al-Matari, I. M. Helal, S. A. Mazen, and S. J. I. S. J. A. G. P. Elhennawy,” Integrated framework for cybersecurity auditing,” vol. 30, no. 4, pp. 189-204, 2021.

S. N. G. Gourisetti, M. Mylrea, and H. J. F. G. C. S. Patangia,” Cybersecurity vulnerability mitigation framework through empirical paradigm: Enhanced prioritized gap analysis,” vol. 105, pp. 410-431, 2020.

Barclay,” Sustainable security advantage in a changing environment: The Cybersecurity Capability Maturity Model (CM 2),” in Proceedings of the 2014 ITU kaleidoscope academic conference: Living in a converged world-Impossible without standards? 2014, pp. 275-282: IEEE.

Sulistyowati, F. Handayani, and Y. J. J. I. J. o. I. V. Suryanto,” Comparative analysis and design of cybersecurity maturity assessment methodology using nist csf, cobit, iso/iec 27002 and pci dss,” vol. 4, no. 4, pp. 225-230, 2020.

Y. Maleh, A. Sahid, and M. J. E. Belaissaoui,” A maturity framework for cybersecurity governance in organizations,” vol. 63, no. 6, pp. 1-22, 2021.

Schmitz, M. Schmid, D. Harborth, S. J. C. Pape, and Security,” Maturity level assessments of information security controls: An empirical analysis of practitioners assessment capabilities,” vol. 108, p. 102306, 2021.

M. Bitzer et al.,” Managing the Inevitable–A Maturity Model to Establish Incident Response Management Capabilities,” vol. 125, p. 103050, 2023.

Aliyu et al.,” A holistic cybersecurity maturity assessment framework for higher education institutions in the United Kingdom,” vol. 10, no. 10, p. 3660, 2020.

Almomani, M. Ahmed, and L. J. P. C. S. Maglaras,” Cybersecurity maturity assessment framework for higher education institutions in Saudi Arabia,” vol. 7, p. e703, 2021.

Yigit Ozkan, S. van Lingen, M. J. J. o. C. Spruit, and Privacy,” The cybersecurity focus area maturity (CYSFAM) model,” vol. 1, no. 1, pp. 119-139, 2021.

N. G. Gourisetti, M. Mylrea, and H. Patangia,” Application of rank-weight methods to blockchain cybersecurity vulnerability assessment framework,” in 2019 IEEE 9th Annual Computing and Communication Workshop and Conference (CCWC), 2019, pp. 0206-0213: IEEE.

G. Drivas, A. Chatzopoulou, L. Maglaras, C. Lambrinoudakis, A. Cook, and H. Janicke,” A nis directive compliant- cybersecurity maturity assessment framework,” in 2020 IEEE 44th Annual Computers, Software, and Applications Conference (COMPSAC), 2020, pp. 1641-1646: IEEE.

M. Rea-Guaman, T. San Feliu, J. A. Calvo-Manzano, and I. D. Sanchez-Garcia,” Comparative study of cybersecurity capability maturity models,” in Software Process Improvement and Capability Determination: 17th International Conference, SPICE 2017, Palma de Mallorca, Spain, October 4–5, 2017, Proceedings, 2017, pp. 100-113: Springer.

Razikin and A. J. C. J. Widodo,” General Cybersecurity Maturity Assessment Model: Best Practice to Achieve Payment Card Industry-Data Security Standard (PCI-DSS) Compliance,” vol. 15, no. 2, pp. 91-104, 2021.

N. Ramadhan and U. Rose,” Adapting ISO/IEC 27001 Information Security Management Standard to SMEs,” ed, 2022.

P. G. Putra, F. Humani, F. W. Zakiy, M. R. Shihab, and B. Ranti,” Maturity Assessment of Cyber Security in The Workforce Management Domain: A Case Study in Bank Indonesia,” in 2020 International Conference on Information Technology Systems and Innovation (ICITSI), 2020, pp. 89-94: IEEE.

V. Monev,” Organisational information security maturity assessment based on ISO 27001 and ISO 27002,” in 2020 International Conference on Information Technologies (InfoTech), 2020, pp. 1-5: IEEE.

P. N˘astase, F. N˘astase, C. J. E. c. Ionescu, e. c. studies, and research,” Challenges generated by the implementation of the IT standards CobiT 4.1, ITIL v3 and ISO/IEC 27002 in enterprises,” vol. 43, no. 3, pp. 1-16, 2009.

J. Wibowo and K. J. J. S. I. Ramli,” Impact of Implementation of Information Security Risk Management and Security Controls on Cyber Security Maturity (A Case Study at Data Management Applications of XYZ Institute),” vol. 18, no. 2, pp. 1-17, 2022.

Bashofi and M. Salman,” Cybersecurity Maturity

Assessment Design Using NISTCSF, CIS CONTROLS v8 and ISO/IEC 27002,” in 2022 IEEE International Conference- on Cybernetics and Computational Intelligence (CyberneticsCom), 2022, pp. 58-62: IEEE.

M. J. A. c. J. Alshar’e,” CYBER SECURITY FRAMEWORK SELECTION: COMPARISION OF NIST AND ISO27001,” pp. 245-255, 2023.

Downloads

Published

13.12.2023

How to Cite

Abohatem , A. Y. ., & Ba-Alwi , F. M. . (2023). Cybersecurity Maturity Assessment of Information Systems for Yemen Telecoms. International Journal of Intelligent Systems and Applications in Engineering, 12(8s), 539–548. Retrieved from https://ijisae.org/index.php/IJISAE/article/view/4185

Issue

Vol. 12 No. 8s (2024)

Section

Research Article

License

Creative Commons License

This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.

All papers should be submitted electronically. All submitted manuscripts must be original work that is not under submission at another journal or under consideration for publication in another form, such as a monograph or chapter of a book. Authors of submitted papers are obligated not to submit their paper for publication elsewhere until an editorial decision is rendered on their submission. Further, authors of accepted papers are prohibited from publishing the results in other publications that appear before the paper is published in the Journal unless they receive approval for doing so from the Editor-In-Chief.

IJISAE open access articles are licensed under a Creative Commons Attribution-ShareAlike 4.0 International License. This license lets the audience to give appropriate credit, provide a link to the license, and indicate if changes were made and if they remix, transform, or build upon the material, they must distribute contributions under the same license as the original.