The Two-Dimensional CCSMM

The Two-Dimensional CCSMM

Gregory B. White (CIAS, The University of Texas at San Antonio, USA) and Natalie Sjelin (CIAS, The University of Texas at San Antonio, USA)
Copyright: © 2022 |Pages: 16
DOI: 10.4018/978-1-6684-3698-1.ch006
OnDemand PDF Download:
No Current Special Offers


The community cyber security maturity model (CCSMM) defines four dimensions and five implementation mechanisms in describing the relative maturity of an organization or an SLTT's cybersecurity program. These are used in defining levels of maturity and the cybersecurity characteristics of an organization or SLTT at each level. In order to progress from one level to the next, a variety of activities should take place, and these are defined in terms of five different mechanisms. In between two levels are a variety of activities that should take place to help the entity to advance from one level to the next. These groups of activities describe four phases, each of which takes place between two levels. Thus, Phase 1 defines the activities that should occur for an entity to advance from Level 1 to Level 2.
Chapter Preview


A critical factor in developing the CCSMM was that cybersecurity is not a binary issue. A state or community does not either have security or it doesn’t. There are many levels of security preparedness and not every entity needs the same level of security preparedness – it should be based on the actual threats to the state, community, tribe, territory, or organization. This implies there are different levels of security that can be implemented so one of the first tasks in developing a program would be to understand the different levels, understand what is currently implemented, and know what the ultimate goal is. In other words, what security level is needed or desired by the community? The CCSMM was thus created to provide three things:

Complete Chapter List

Search this Book: