A cybersecurity capability maturity model based on Maqasid Shari’ah(MS-C2M2)
In the age of the Internet, cybersecurity poses major challenges to the sovereignty of both developing and developed countries. The first step in addressing the risks is to correctly measure the cybersecurity of the organizations/countries and formulate appropriate remedial actions. Cybersecurity is...
| Main Authors: | , , , , , |
|---|---|
| Format: | Conference or Workshop Item |
| Language: | English English English |
| Published: |
2015
|
| Subjects: | |
| Online Access: | http://irep.iium.edu.my/48910/ http://irep.iium.edu.my/48910/ http://irep.iium.edu.my/48910/1/Cybersecurity_Capability_Maturity_Model-full_paper.pdf http://irep.iium.edu.my/48910/2/Cybersecurity_Capability_Maturity_Model-prog_book.pdf http://irep.iium.edu.my/48910/3/Cybersecurity_Capability_Maturity_Model-letter.pdf |
| Summary: | In the age of the Internet, cybersecurity poses major challenges to the sovereignty of both developing and developed countries. The first step in addressing the risks is to correctly measure the cybersecurity of the organizations/countries and formulate appropriate remedial actions. Cybersecurity is the collection of tools, policies, security concepts, security safeguards, guidelines, risk management approaches, actions, training, best practices, assurance and technologies that can be used to protect the cyber environment and organization and user’s assets. The Maqasid Al-Shari‘ah or the higher objectives of Al-Shari‘ah seeks to preserve five high-level assets and environment that are considered critical to individual and society at large: Deen - Faith, Nafs - Life, ‘Aql – Intellect, Nasl - Progeny and Mal - Wealth. The Maqasid is a comprehensive worldview giving priority to the protection of the five critical assets to the individual, society, organization and the nation. The breach to the confidentiality, integrity and availability (CIA), authentication, and non-repudiation (AN) of these assets would threaten the sustainability of the respective individual, society and organization. The paper seeks to understand the exposure of assets (as defined by the Maqasid Al-Shari‘ah) to cyber threats, and to explore on ideas and concepts of creating a cybersecurity capability maturity model framework that will later measure cybersecurity protective capability and readiness of an organization, a community or a country to preserve the CIA-AN of the five assets from cyber threats. The proposed model will provide a new perspective for cybersecurity capability, and position Maqasid Al-Shari‘ah as a reference for understanding cybersecurity. |
|---|