Sign In


College of Computer Science and Engineering


Information & Computer Science Department


Presents Public Seminar


Information Security Maturity Models Evaluations: Measuring NIST Cybersecurity Framework Implementation Status


Date: 24th February, 2021

Time:  03:30 pm – 4:15 pm

Location: MS Teams Link: Click here to join the meeting



Majid Al-Saleh



Many organizations with critical infrastructure sectors and other businesses start to adopt NIST cybersecurity framework. As the cybersecurity is a long-term investment, organizations adopting the framework need to sustain their cybersecurity capabilities and ensure their growth toward the maturity level needed to deliver the desired outcome.  Therefore, there is a need to assess the maturity capability of the cybersecurity program regularly. There exist several maturity capability models that can be used to measure the progress of implementing the cybersecurity program. However, still there are attempts to define a maturity capability model to be used specifically for measuring the cybersecurity programs that adopt the NIST cyber-security framework.

With the aim of identifying and applying evaluation criteria, this paper reviews number of existing maturity models, compares their scales levels definitions, and the used assessment methodology. The paper obtained the criteria based on Subject Matter Experts' feedback and conducted a survey to define the values of those criteria the organizations are looking for in or-der to select the best fit capability maturity models to use in measuring the NIST CSF implementation progress.


Speaker Bio:

Majid received B SC. Degree in Computer Engineering from King Fahd University of Petroleum & Minerals (KFUPM), Saudi Arabia in 1996.  Majid is security consultant at Saudi Arabian Oil Company. He joined the Company in 2002 and worked as IT Analyst, Information System Auditor, Cybersecurity Consultant, and Compliance Specialist. He holds a variety of industrial certifications in the field of information assurance and security including CISM, CISA, CRMA, CRISC, CGEIT, ISO27001 LI/LA, COBIT5 Foundations, and COBIT5 Implementer. His research interests include Cybersecurity, Information Security, Information Audit and Assurance.



All faculty, researchers and graduate students are invited to attend.


Information & Computer Science Department, College of Computer Sciences and Engineering

Telephone: +966 (13) 860 2175, Email:, Website:


Copyright © 2014 King Fahd University of Petroleum & Minerals





24 Feb 2021


03:30 PM to 04:15 PM