Incorporating Other Models and Technology Into the CCSMM
One thing about the nature of computer science in general and cybersecurity in particular is that they are both fields that are constantly changing. Whether it is because of a new version of an operating system being released, new technology that has been introduced, or a disclosure of a newly discovered vulnerability, the field is continually changing. Some changes will not have any impact on the CCSMM. Others may necessitate a change in some aspect at one or more levels. The model itself is extremely flexible and frequently does not specify the precise items that need to be covered but rather the more abstract concept that must be considered. This is true for not just changes in technology but also the introduction of new government guidance or regulations as well as the creation of other maturity models that are focused on some other aspect of cybersecurity. This chapter explores incorporating other models and technology into the CCSMM.