The NIST Cybersecurity Framework (NIST CSF) is a popular framework to align an organization's cybersecurity practices. However, one component that is nebulous is the inclusion of Tiers in the NIST CSF, where the Tiers are often viewed as a viable Capability Maturity Model (CMM) that can be assessed …

The Secure Controls Framework (SCF) release 2023.2 contains completely new content for its Security & Privacy Capability Maturity Model (SP-CMM). This effort was conducted to help streamline and standardize maturity criteria. If you are unfamiliar with the SP-CMM, it has been around for about 4 …