IDEAS home Printed from https://ideas.repec.org/a/eee/tefoso/v213y2025ics0040162525000277.html
   My bibliography  Save this article

Cybersecurity maturity model: Systematic literature review and a proposed model

Author

Listed:
  • Büyüközkan, Gülçin
  • Güler, Merve

Abstract

The growing importance of cybersecurity stems from its strategic value to various stakeholders, including individuals, businesses, governments, and society as a whole. Ensuring robust cybersecurity programs and assessing maturity levels is critical for organizational resilience. Cybersecurity maturity models have emerged as essential tools for evaluating readiness and guiding improvements. This study aims to systematically review existing research with bibliometric analysis and propose a cybersecurity maturity model that will help organizations assess their readiness. Web of Science and Scopus databases were searched, and bibliometric networks were visualized and explored using the VOSViewer and Biblioshiny software. This study is one of the first attempts to examine cybersecurity maturity areas using the science mapping approach. The proposed cybersecurity maturity model uses bibliometric analysis, literature searches on academic papers, industry reports, and expert opinions. The proposed cybersecurity maturity model comprises five dimensions, fifteen factors, and five levels. The proposed model is applied to three companies to demonstrate the validity using real-world examples. This study significantly contributes to the body of knowledge on cybersecurity maturity. The proposed model serves as the foundation for future researchers interested in determining cybersecurity maturity. Additionally, practitioners can use the proposed maturity factors to lead their cybersecurity systems.

Suggested Citation

  • Büyüközkan, Gülçin & Güler, Merve, 2025. "Cybersecurity maturity model: Systematic literature review and a proposed model," Technological Forecasting and Social Change, Elsevier, vol. 213(C).
    • Handle: RePEc:eee:tefoso:v:213:y:2025:i:c:s0040162525000277
    DOI: 10.1016/j.techfore.2025.123996
    as

    Download full text from publisher

    File URL: http://www.sciencedirect.com/science/article/pii/S0040162525000277
    Download Restriction: Full text for ScienceDirect subscribers only
    File URL: https://libkey.io/10.1016/j.techfore.2025.123996?utm_source=ideas
    LibKey link: if access is restricted and if your library uses this service, LibKey will redirect you to where you can use your library subscription to access this item
    ---><---

    As the access to this document is restricted, you may want to

    for a different version of it.

    References listed on IDEAS

    as
    1. Shen, Lei & Sun, Wanqin & Parida, Vinit, 2023. "Consolidating digital servitization research: A systematic review, integrative framework, and future research directions," Technological Forecasting and Social Change, Elsevier, vol. 191(C).
    2. Poszler, Franziska & Lange, Benjamin, 2024. "The impact of intelligent decision-support systems on humans' ethical decision-making: A systematic literature review and an integrated framework," Technological Forecasting and Social Change, Elsevier, vol. 204(C).
    3. Daim, Tugrul & Lai, Kuei Kuei & Yalcin, Haydar & Alsoubie, Fayez & Kumar, Vimal, 2020. "Forecasting technological positioning through technology knowledge redundancy: Patent citation analysis of IoT, cybersecurity, and Blockchain," Technological Forecasting and Social Change, Elsevier, vol. 161(C).
    4. Henriques de Gusmão, Ana Paula & Mendonça Silva, Maisa & Poleto, Thiago & Camara e Silva, Lúcio & Cabral Seixas Costa, Ana Paula, 2018. "Cybersecurity risk analysis model using fault tree analysis and fuzzy decision theory," International Journal of Information Management, Elsevier, vol. 43(C), pages 248-260.
    5. Krawczyk-Sokołowska, Izabela & Caputa, Wiesława, 2023. "Awareness of network security and customer value – The company and customer perspective," Technological Forecasting and Social Change, Elsevier, vol. 190(C).
    6. Khan, Anupriya & Krishnan, Satish & Dhir, Amandeep, 2021. "Electronic government and corruption: Systematic literature review, framework, and agenda for future research," Technological Forecasting and Social Change, Elsevier, vol. 167(C).
    7. Smith, Kane J. & Dhillon, Gurpreet & Carter, Lemuria, 2021. "User values and the development of a cybersecurity public policy for the IoT," International Journal of Information Management, Elsevier, vol. 56(C).
    8. Belfiore, Alessandra & Cuccurullo, Corrado & Aria, Massimo, 2022. "IoT in healthcare: A scientometric analysis," Technological Forecasting and Social Change, Elsevier, vol. 184(C).
    9. Morris, David & Madzudzo, Garikayi & Garcia-Perez, Alexeis, 2020. "Cybersecurity threats in the auto industry: Tensions in the knowledge environment," Technological Forecasting and Social Change, Elsevier, vol. 157(C).
    10. Benz, Michael & Chatterjee, Dave, 2020. "Calculated risk? A cybersecurity evaluation tool for SMEs," Business Horizons, Elsevier, vol. 63(4), pages 531-540.
    11. Li, Ling & He, Wu & Xu, Li & Ash, Ivan & Anwar, Mohd & Yuan, Xiaohong, 2019. "Investigating the impact of cybersecurity policy awareness on employees’ cybersecurity behavior," International Journal of Information Management, Elsevier, vol. 45(C), pages 13-24.
    12. Karabacak, Bilge & Yildirim, Sevgi Ozkan & Baykal, Nazife, 2016. "A vulnerability-driven cyber security maturity model for measuring national critical infrastructure protection preparedness," International Journal of Critical Infrastructure Protection, Elsevier, vol. 15(C), pages 47-59.
    Full references (including those not matched with items on IDEAS)

    Most related items

    These are the items that most often cite the same works as this one and are cited by the same works as this one.
    1. Tahereh Hasani & Norman O’Reilly & Ali Dehghantanha & Davar Rezania & Nadège Levallet, 2023. "Evaluating the adoption of cybersecurity and its influence on organizational performance," SN Business & Economics, Springer, vol. 3(5), pages 1-38, May.
    2. Lai, Kuei-Kuei & Chen, Yu-Long & Kumar, Vimal & Daim, Tugrul & Verma, Pratima & Kao, Fang-Chen & Liu, Ruirong, 2023. "Mapping technological trajectories and exploring knowledge sources: A case study of E-payment technologies," Technological Forecasting and Social Change, Elsevier, vol. 186(PB).
    3. Agbodoh-Falschau, Kouassi Raymond & Ravaonorohanta, Bako Harinivo, 2023. "Investigating the influence of governance determinants on reporting cybersecurity incidents to police: Evidence from Canadian organizations’ perspectives," Technology in Society, Elsevier, vol. 74(C).
    4. Wei Yu & Huiqin Huang & Xinyan Kong & Keying Zhu, 2023. "Can Digital Inclusive Finance Improve the Financial Performance of SMEs?," Sustainability, MDPI, vol. 15(3), pages 1-16, January.
    5. Jiao Zhang & Qian Wang & Yiping Xia & Katsunori Furuya, 2022. "Knowledge Map of Spatial Planning and Sustainable Development: A Visual Analysis Using CiteSpace," Land, MDPI, vol. 11(3), pages 1-24, February.
    6. Rocco Mazza & Roberta Pace & Anna Paterno, 2023. "Themes and policies on population ageing: a bibliometric approach," RIEDS - Rivista Italiana di Economia, Demografia e Statistica - The Italian Journal of Economic, Demographic and Statistical Studies, SIEDS Societa' Italiana di Economia Demografia e Statistica, vol. 77(2), pages 33-43, April-Jun.
    7. Jorge Hochstetter & Felipe Vásquez & Mauricio Diéguez & Ana Bustamante & Jeferson Arango-López, 2023. "Transparency and E-Government in Electronic Public Procurement as Sustainable Development," Sustainability, MDPI, vol. 15(5), pages 1-24, March.
    8. Valery Michaux, 2022. "Transformations in the automotive sector: complex change, deeper reconfiguration or dangerous disruption? [Les six mutations du secteur automobile : simple transformation, reconfiguration plus prof," Post-Print hal-03736166, HAL.
    9. Broccardo, Laura & Zicari, Adrián & Jabeen, Fauzia & Bhatti, Zeeshan A., 2023. "How digitalization supports a sustainable business model: A literature review," Technological Forecasting and Social Change, Elsevier, vol. 187(C).
    10. Chand Bhatt, Priyanka & Kumar, Vimal & Lu, Tzu-Chuen & Daim, Tugrul, 2021. "Technology convergence assessment: Case of blockchain within the IR 4.0 platform," Technology in Society, Elsevier, vol. 67(C).
    11. Idiano D’Adamo & Rocío González-Sánchez & Maria Sonia Medina-Salgado & Davide Settembre-Blundo, 2021. "E-Commerce Calls for Cyber-Security and Sustainability: How European Citizens Look for a Trusted Online Environment," Sustainability, MDPI, vol. 13(12), pages 1-17, June.
    12. Garza Ramos, Alejandro & Daim, Tugrul & Gaats, Lukas & Hutmacher, Dietmar W. & Hackenberger, David, 2022. "Technology roadmap for the development of a 3D cell culture workstation for a biomedical industry startup," Technological Forecasting and Social Change, Elsevier, vol. 174(C).
    13. Chuanming Sun & Guoxin Tan & Xingyu Chai & Haiqing Zhang, 2023. "Analysis on the Satisfaction of Public Cultural Service by Township Residents: A Qualitative Perspective," Sustainability, MDPI, vol. 15(9), pages 1-23, April.
    14. Pel, Bonno & Raven, Rob & van Est, Rinie, 2020. "Transitions governance with a sense of direction: synchronization challenges in the case of the dutch ‘Driverless Car’ transition," Technological Forecasting and Social Change, Elsevier, vol. 160(C).
    15. Han, Kookyoung & Choi, Jin Hyuk, 2023. "Implications of false alarms in dynamic games on cyber-security," Chaos, Solitons & Fractals, Elsevier, vol. 169(C).
    16. Kumar, Shashank & Raut, Rakesh D. & Agrawal, Nishant & Cheikhrouhou, Naoufel & Sharma, Mahak & Daim, Tugrul, 2022. "Integrated blockchain and internet of things in the food supply chain: Adoption barriers," Technovation, Elsevier, vol. 118(C).
    17. Nguyen, Loan T.Q. & Hoang, Thinh G. & Do, Linh H. & Ngo, Xuan T. & Nguyen, Phuong H.T. & Nguyen, Giang D.L. & Nguyen, Giang N.T., 2021. "The role of blockchain technology-based social crowdfunding in advancing social value creation," Technological Forecasting and Social Change, Elsevier, vol. 170(C).
    18. Song, Haoyang & Hou, Jianhua & Yang, Xiucai & Liu, Ruoyu, 2024. "Wake-up of sleeping beauty patent families: The global non-equilibrium diffusion of technological knowledge," Technology in Society, Elsevier, vol. 79(C).
    19. Naume Sonhera & David Mhlanga, 2022. "Reducing Cyber Incidents through Good Online Behavioral Norms: Lessons from South Africa," Eurasian Journal of Social Sciences, Eurasian Publications, vol. 10(1), pages 37-48.
    20. Arroyabe, Marta F. & Arranz, Carlos F.A. & Fernandez De Arroyabe, Ignacio & Fernandez de Arroyabe, Juan Carlos, 2024. "Exploring the economic role of cybersecurity in SMEs: A case study of the UK," Technology in Society, Elsevier, vol. 78(C).

    More about this item

    Keywords

    ;
    ;
    ;
    ;
    ;

    Statistics

    Access and download statistics

    Corrections

    All material on this site has been provided by the respective publishers and authors. You can help correct errors and omissions. When requesting a correction, please mention this item's handle: RePEc:eee:tefoso:v:213:y:2025:i:c:s0040162525000277. See general information about how to correct material in RePEc.

    If you have authored this item and are not yet registered with RePEc, we encourage you to do it here. This allows to link your profile to this item. It also allows you to accept potential citations to this item that we are uncertain about.

    If CitEc recognized a bibliographic reference but did not link an item in RePEc to it, you can help with this form .

    If you know of missing items citing this one, you can help us creating those links by adding the relevant references in the same way as above, for each refering item. If you are a registered author of this item, you may also want to check the "citations" tab in your RePEc Author Service profile, as there may be some citations waiting for confirmation.

    For technical questions regarding this item, or to correct its authors, title, abstract, bibliographic or download information, contact: Catherine Liu (email available below). General contact details of provider: http://www.sciencedirect.com/science/journal/00401625 .

    Please note that corrections may take a couple of weeks to filter through the various RePEc services.

    IDEAS is a RePEc service. RePEc uses bibliographic data supplied by the respective publishers.