A multi-criteria evaluation of cybersecurity incident management frameworks: integrating AHP, CMMI and SWOT

Basit Öğe Kaydı
dc.authorid0009-0005-4549-3376
dc.authorid0000-0003-2865-6370
dc.contributor.authorAğar, Hasan Çağlaren_US
dc.contributor.authorÇeliktaş, Barışen_US
dc.date.accessioned2026-03-03T07:06:47Z
dc.date.available2026-03-03T07:06:47Z
dc.date.issued2026-01-15
dc.departmentIşık Üniversitesi, Lisansüstü Eğitim Enstitüsü, Bilgisayar Mühendisliği Yüksek Lisans Programıen_US
dc.departmentIşık University, School of Graduate Studies, Master’s Program in Computer Engineeringen_US
dc.departmentIşık Üniversitesi, Mühendislik ve Doğa Bilimleri Fakültesi, Bilgisayar Mühendisliği Bölümüen_US
dc.departmentIşık University, Faculty of Engineering and Natural Sciences, Department of Computer Engineeringen_US
dc.description.abstractWith the growing complexity and frequency of cybersecurity incidents, the selection of an appropriate incident management framework has emerged as a strategic imperative and a nontrivial decision-making problem for organizations operating across diverse sectors. This study presents a multi-dimensional evaluation of four globally recognized frameworks and standards—ISO 27035, NIST 800-61, ITIL v4, and PCI DSS—to determine their effectiveness across 10 rigorously selected key performance parameters. The initial stage of the study involved the identification of 20 preliminary parameters through expert input and literature synthesis. These were then evaluated by 70 cybersecurity professionals using a hybrid decision-making model combining Likert scale scoring, standard deviation filtering, CV score, Z-score normalization and the Analytic Hierarchy Process (AHP) for pairwise comparisons. The top 10 key parameters were derived based on calculated priority weights. To assess each framework, we applied the Capability Maturity Model Integration (CMMI) and visualized results via radar charts and heatmaps, offering comparative insights into operational maturity. Additionally, SWOT analysis was conducted to examine strategic positioning and identify opportunities for improvement. The outcomes not only provide a practical benchmarking guide for practitioners but also introduce a replicable, evidence-based methodology for academic and industry adoption. This work offers a novel and structured lens to evaluate incident management maturity, addressing the pressing need for strategic alignment, automation integration, and adaptive resilience in cybersecurity operations.en_US
dc.description.versionPublisher's Versionen_US
dc.identifier.citationAğar, H. Ç. & Çeliktaş, B. (2026). A Multi-Criteria Evaluation of Cybersecurity Incident Management Frameworks: Integrating AHP, CMMI and SWOT. Black Sea Journal of Engineering and Science, 9(1), 158-179. https://doi.org/10.34248/bsengineering.1729927en_US
dc.identifier.endpage176
dc.identifier.issn2619-8991
dc.identifier.issue1
dc.identifier.startpage158
dc.identifier.urihttps://hdl.handle.net/11729/7088
dc.identifier.urihttps://doi.org/10.34248/bsengineering.1729927
dc.identifier.volume9
dc.institutionauthorAğar, Hasan Çağlaren_US
dc.institutionauthorÇeliktaş, Barışen_US
dc.institutionauthorid0009-0005-4549-3376
dc.institutionauthorid0000-0003-2865-6370
dc.language.isoenen_US
dc.peerreviewedYesen_US
dc.publicationstatusPublisheden_US
dc.publisherKaryay Karadeniz Yayımcılık Ve Organizasyon Ticaret Limited Şirketien_US
dc.relation.ispartofBlack Sea Journal of Engineering and Scienceen_US
dc.relation.publicationcategoryMakale - Ulusal Hakemli Dergi - Öğrencien_US
dc.relation.publicationcategoryMakale - Ulusal Hakemli Dergi - Kurum Öğretim Elemanıen_US
dc.rightsinfo:eu-repo/semantics/openAccessen_US
dc.subjectIncident managementen_US
dc.subjectFramework comparisonen_US
dc.subjectEvaluation criteriaen_US
dc.subjectMaturity modelen_US
dc.subjectAnalytic hierarchy processen_US
dc.subjectSWOT analysisen_US
dc.titleA multi-criteria evaluation of cybersecurity incident management frameworks: integrating AHP, CMMI and SWOTen_US
dc.typeArticleen_US
dspace.entity.typePublicationen_US

Dosyalar

Orijinal paket
Listeleniyor 1 - 1 / 1
Küçük Resim
İsim:
A_Multi_Criteria_Evaluation_of_Cybersecurity_Incident_Management_Frameworks_Integrating_AHP_CMMI_and_SWOT.pdf
Boyut:
853.75 KB
Biçim:
Adobe Portable Document Format
İndir
Lisans paketi
Listeleniyor 1 - 1 / 1
Küçük Resim Yok
İsim:
license.txt
Boyut:
1.17 KB
Biçim:
Item-specific license agreed upon to submission
Açıklama:
İndir

Koleksiyon

Öğrenci Yayınları Makale Koleksiyonu
Lisansüstü Eğitim Enstitüsü Diğer Yayınlar Koleksiyonu
Makale Koleksiyonu | Bilgisayar Mühendisliği Bölümü