TY - JOUR T1 - Cybersecurity Capability Maturity Models for Providers of Critical Infrastructure JF - Technology Innovation Management Review Y1 - 2014 A1 - Walter Miron A1 - Kevin Muita KW - adoption KW - bersecurity KW - capability maturity models KW - compliance KW - critical infrastructure KW - framework KW - municipalities KW - protection KW - regulation KW - standards AB - Critical infrastructure such as power generation and distribution systems, telecommunications networks, pipelines and pipeline control networks, transportation control networks, financial networks, and government information and communications technology (ICT) have increasingly become the target of cyber-attacks. The impact and cost of these threats, as well as regulatory pressure to mitigate them, have created an impetus to secure these critical infrastructures. Managers have many controls and models at their disposal to help them secure infrastructure technology, including cybersecurity capability maturity models to enable measurement and communication of cybersecurity readiness to top management teams, regulators, and customers, thereby facilitating regulatory compliance, corporate responsibility, and improved brand quality. However, information and awareness is lacking about which models are most appropriate for a given situation and how they should be deployed. This article examines relevant cybersecurity capability maturity models to identify the standards and controls available to providers of critical infrastructure in an effort to improve their level of security preparedness. These capability models are described and categorized by their relevance to different infrastructure domains, and then recommendations are provided on employing capability maturity models to measure and communicate readiness. This article will be relevant to regulators, critical infrastructure providers, and researchers. PB - Talent First Network CY - Ottawa VL - 4 UR - http://timreview.ca/article/837 IS - 10 U1 - Carleton University Walter Miron is a Director of Technology Strategy at TELUS Communications, where he is responsible for the evolution of their packet and optical networks. He has over 20 years of experience in enterprise and service provider networking conducting technology selection and service development projects. Walter is a member of the research program committee of the SAVI project, the Heavy Reading Global Ethernet Executive Council, and the ATOPs SDN/nFV Working Group. He is also Chair of the Venus Cybersecurity Corporation and a board member of the Centre of Excellence for Next Generation Networking (CENGN) in Ottawa, Canada. Walter is currently a graduate student in the Technology Innovation Management (TIM) program at Carleton University in Ottawa, Canada. U2 - Carleton University Kevin Muita is a graduate student in the Technology Innovation Management program at Carleton University in Ottawa, Canada. He has a Bachelor's degree in Technology from Africa Nazarene University in Nairobi, Kenya. He has co-founded two technology startups: a network consultancy company and a systems installation and maintenance company. He has experience in logistics and supply chain management, having managed a Coca-Cola distribution network in Kenya, overseeing a successful 300% increase in sales volume, operations, and service delivery. ER -