The application of cyber security capability maturity model to identify the impact of internal efficiency factors on the external effectiveness of cyber security.

Cyber security threats to the digital infrastructure have been increasing manifold and are concerns for the resilience of the business. There is constant need to improve and measure the cyber security performance. Although there are various capability maturity models formulated, there is a need to construct the internal efficiency and external effectiveness factors of cyber security, which can be further correlated to improve the effectiveness of the performance. In this paper, we constructed the efficiency and effectiveness factors of cyber security by using grounded theory methodologies and developed models to identify the impact of internal efficiency factors on the external effectiveness of cyber security using SEM techniques. Research data is collected from 216 respondents comprising of information security and business stakeholders from seven business sectors. This study has implications for future researchers and practitioner for improving cyber security performance.