Cybersecurity maturity model for the Brazilian Federal Government Agencies

This paper presents a Cybersecurity maturity model for the agencies of the Brazilian Federal Public Administration. Qualitative research was conducted to analyze Cybersecurity maturity models found in the literature, which served as ground to develop the proposed model. To analyze, understand and construe the qualitative material, we used content analysis and an online questionnaire. The content analysis was divided into pre-analysis, material exploration and handling of results which allowed setting the domains of the proposed model. The model was applied through an online questionnaire, with the participation of 35 (thirty-five) agencies of the Brazilian Federal Public Administration. The results evidenced that, in general, the agencies surveyed have low maturity in Cybersecurity. The proposed model meets goal 7 of the Brazilian Cyber Security Strategy, as well as assists in the improvement of Cyber Security in Brazil.