Volume 11, Issue 1 (3-2019)                   itrc 2019, 11(1): 57-70 | Back to browse issues page

XML Print

Download citation:
BibTeX | RIS | EndNote | Medlars | ProCite | Reference Manager | RefWorks
Send citation to:

kassaee M, Gholami Merhabadi M, arabsorkhi A. A Novel Model for MSSP Maturity Assessment. itrc 2019; 11 (1) :57-70
URL: http://ijict.itrc.ac.ir/article-1-356-en.html
1- Assistant Professor, University of Shahid Beheshti
2- Ph.D. student of Industrial Management, Faculty of Management and Accounting, Shahid Beheshti University
3- ICT Research Institute Tehran, Iran , abouzra_arab@itrc.ac.ir
Abstract:   (1469 Views)
The growing threat and security risks in information and communication technology, beside the increasing use of information and communication technologies, are two main decision makers for executives of organizations, service providers and the general public. Internet Service Providers are known to be the main stakeholder of this space. If Internet Service Providers have known as untrusted party, it can put their business and community level services at serious risk. Moreover, Resource limitation and the lack of expert in cyber security have made lots of major challenge for ISPs in dealing with and managing security threats. In many developing countries, this problem has been solved using Managed Security Service Providers. Managed Security Services are network-based security services that are outsourced by a trusted third party. The diversity of Managed Security Service Providers affects the effectiveness and efficiency of decision making in this area, as well as the correct selection of them. Therefore, in order to outsource the security services, the assessment of these organizations is inevitable. This assessment can be done by various mechanisms. One of the acceptable strategies in the security is the maturity model. Maturity models are step-by-step solutions to grow organizational capabilities along a predicted, desirable, or logical path. In fact, maturity models provide standard way to assess process maturity along with business process improvement. Hitherto, no maturity model has been developed to assess the Managed Security Service Providers. Therefore, in this paper considering different issues to evaluate frameworks, we have proposed a novel model to assess the maturity of Managed Security Service Providers. The evaluation of the proposed maturity model is based on multiple case studies.
Full-Text [PDF 534 kb]   (742 Downloads)    
Type of Study: Research | Subject: Network

Add your comments about this article : Your username or Email:

Send email to the article author

Rights and permissions
Creative Commons License This work is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License.