Software Engineering Institute | Carnegie Mellon University
Software Engineering Institute | Carnegie Mellon University

Digital Library

Javascript is currently disabled for your browser. For an optimal search experience, please enable javascript.

Advanced Search

Basic Search

Content Type


Publication Date


Why Use Maturity Models to Improve Cybersecurity: Key Concepts, Principles, and Definitions

  • August 2013
  • By Richard A. Caralli, Julia H. Allen
  • In this podcast, Rich Caralli explains how maturity models provide measurable value in improving an organization's cybersecurity capabilities.
  • Governance
  • Publisher: CERT
  • Listen

    Loading Podcast.....
  • Related

    Introduction to the CERT Management Model

  • Abstract

    In recent years, rapid evolutions have occurred in technology and its application in most market sectors, leading to the introduction of many new systems, business processes, markets, and enterprise integration approaches. How do you manage the interactions of systems and processes that are continually evolving? Just as important, how can you tell if you are doing a good job of managing these changes, as well as monitoring your progress on an ongoing basis? And how do poor processes impact interoperability, safety, reliability, efficiency, and effectiveness? Maturity models can help you answer these questions by providing a benchmark to use when assessing how a set of security practices has evolved. [1]

    In this podcast, Rich Caralli, the technical director of CERT's Cyber Enterprise and Workforce Management Directorate, discusses maturity models and how they are being used to improve cybersecurity. He describes their key concepts, definitions, and principles and how these can and have been applied to a wide range of disciplines and market sectors.

    Related Courses
    Introduction to the CERT Resilience Management Model






  • Transcript