Volume 0 -
J Tax Res 2025, 0 - : 71-98 |
Back to browse issues page
Download citation:
BibTeX | RIS | EndNote | Medlars | ProCite | Reference Manager | RefWorks
Send citation to:
BibTeX | RIS | EndNote | Medlars | ProCite | Reference Manager | RefWorks
Send citation to:
davoodi M, shirmohammadi M M. Presenting the conceptual model of maturity of cyber security in the cloud space of the Taxpayers system of the country's tax affairs organization. J Tax Res 2025; https://doi.org/10.61882/taxjournal.0.71
URL: http://taxjournal.ir/article-1-2398-en.html
URL: http://taxjournal.ir/article-1-2398-en.html
1- , mardav7959@gmail.com
Abstract: (230 Views)
The security of the digital space depicts a new facet of the national security of each country, therefore, it is necessary to parallel the rapid development of various uses of communication and information technology in different sub-sectors with a detailed understanding of the country's key infrastructures that are vitally dependent on information. And then planning and organizing and making appropriate investments to protect these infrastructures will smooth the country's all-round development in achieving a knowledge-based society. Communication infrastructure is of great importance due to its fundamental role in society and must function stably and safely in society. As one of the main institutions that deals with sensitive data and people's tax information, the country's tax affairs organization benefits from the cloud space as a model of successful information and communication technology, which is associated with security risks and threats and needs to be investigated and Management is serious. Presenting the conceptual model of cyber security maturity in the cloud space of the taxpayer system of the country's tax affairs organization is the main goal of this research. In this, by referring to high-quality documents in the field of cyber security maturity models of reference and using mixed research methods (quantitative and qualitative) and for the integrated interpretation of the findings obtained from qualitative studies with the aim of achieving the perceptual level and presenting the model It has become conceptual. In order to identify the dimensions, components and indicators, using the theoretical literature and studying the previous research, first 139 studies were evaluated using the CASP tool and finally 19 studies were selected. Selected studies were coded using MAXQDA software and finally 53 indicators were counted. These indicators were shared with 16 experts through a questionnaire and the final indicators were extracted for model design. The obtained model includes 3 dimensions, 11 components and 51 indicators.
Keywords: Security risk management, cyber security, cloud space, cyber security maturity model, tax affairs organization of the country, Taxpayers system.
Type of Study: Research |
Subject:
etc.
Received: 2025/08/11 | Accepted: 2025/09/1 | Published: 2025/09/1
Received: 2025/08/11 | Accepted: 2025/09/1 | Published: 2025/09/1
References
1. علیزاده سودمند، علیرضا، و فتحی هفشجانی، کیامرث، و شاهمنصوری، اشرف، و عربسرخی، ابوذر. (1403). تحلیل ساختارمند شاخص ایمنی در امنیت و پدافند سایبری سازمانهای دانشبنیان کشور. پدافند غیرعامل، 15(1)، 87-103.
2. فرهادی مقدم، زینب. (1403). بررسی امنیت سایبری در دنیای اتصالات هوشمند: چالشها و راهکارها. بیست و دومین کنفرانس ملی علوم و مهندسی کامپیوتر و فناوری اطلاعات، بابل، ایران.
3. اختری، محمد، و کرامتی، محمدعلی، و موسوی، سید عبداله امین. (1401). مقایسه تطبیقی مدلهای بلوغ امنیت سایبری و امنیت اطلاعات و احصای شاخصهای امنیت سایبری مشترک. پدافند غیرعامل، 13(4)، 21-38.
4. ولوی، محمد رضا، و نیک نفس، علی. (1400). مدل بلوغ نظام رصد و پایش و هشداردهی سایبری جمهوری اسلامی ایران. فصلنامه علمی امنیت ملی،40(11)، 182-155.
5. اخوان، فاطمه، و رادفر، رضا. (1399). ارائه مدلی برای پایش بلوغ امنیت اطلاعات. فصلنامه رشد فناوری، 64(2)، 41-51.
6. میریوسفی، سید محسن، و غفاری، رضا. (1400). راهبردهای نوین حفاظت از زیرساختهای حیاتی. نشریه علمی پدافند غیر عامل، 3(4)، 1-14 .
7. عابدی جعفری، عابد، و امیری، مجتبی. (1398). فراترکیب، روشی برای سنتز مطالعات کیفی. فصلنامه علمی پژوهشی روششناسی علوم انسانی، 25(99)، 73-87.
8. References
9. Afshar, A., Termechi, A., Golshan, A., Aghaeian, A., Shahriari, H. R., Soleimani, S. (2018). Review of the Types of Strategies to Improve Security of Industrial Control Systems and Critical Infrastructure. Journal of Passive Defence, 9(2), 1-9. [In Persian]
10. Aghaei, M., Moeini, A., Arabsorkhi, A., Mohammadian, A., & Zareyi, A. A. (2019). A Logical Conceptual Model for Classifying Critical Infrastructure Cyber Threats. Journal of National Security, 2, 201-231. [In Persian]
11. Akhavan, F., & Radfar, R. (2021). A Model for Monitoring Information Security Maturity. Journal of Technology Growth, 64, 41-51. [In Persian]
12. Aliyu, A., Maglaras, L., He, Y., Yevseyeva, I., Boiten, E., Cook, A., & Janicke, H. (2020). A Holistic Cybersecurity Maturity Assessment Framework for Higher Education Institutions in the United Kingdom. Applied Sciences, 10(10), 1-15. [DOI:10.3390/app10103660]
13. Bridget, J. (2021). Information Security Maturity Model for Healthcare Organizations in the United States (Doctoral Dissertation). University of Portland State, Portland.
14. British Standards Institution. (2013). Moving from ISO 27001:2005 to ISO 27001:2013. London: BSI. [In Persian]
15. Ide, M. (2019). Cybersecurity Capability Maturity Model for Critical Information Technology Infrastructure among Nigerian Financial Organizations (Doctoral Dissertation, Universiti Teknologi Malaysia).
16. Karabacak, B., Yildirim, S. O., & Baykal, N. (2016). A Vulnerability-Driven Cyber Security Maturity Model for Measuring National Critical Infrastructure Protection Preparedness. International Journal of Critical Infrastructure Protection, 15, 47-59. [DOI:10.1016/j.ijcip.2016.10.001]
17. Miryousefi, M., & Ghaffarpour, R. (2021). New Critical Infrastructure Protection Strategies. Journal of Passive Defence, 3, 1-14. [In Persian]
18. Rea-Guaman, A. M., San Feliu, T., Calvo-Manzano, J. A., & Sánchez-García, I. D. (2017). Comparative Study of Cybersecurity Capability Maturity Models. In International Conference on Software Process Improvement and Capability Determination (100-113). Cham: Springer International Publishing. [DOI:10.1007/978-3-319-67383-7_8]
19. Saleh, M. (2021). Information Security Maturity Model. International Journal of Computer Science and Security, 5(3), 316-337.
20. U.S. Department of Energy. (2021). Office of Cybersecurity, Energy Security and Emergency Response. CyberSecurity Capability Maturity Model (C2M2), 2.1, 1-96.
21. Wong, W. N. Z. Z., & Shi, J. (2014). Business Continuity Management System: A Complete Guide to Implementing ISO 22301. London: Kogan Page Publishers.
22. Yigit Ozkan, B., Van Lingen, S., & Spruit, M. (2021). The Cybersecurity Focus Area Maturity (CYSFAM) Model. Journal of Cybersecurity and Privacy, 1(1), 119-139. [DOI:10.3390/jcp1010007]
23. Yigit Ozkan, B., & Spruit, M. (2018). A Questionnaire Model for Cybersecurity Maturity Assessment of Critical Infrastructures. In International Workshop on Information and Operational Technology Security Systems (49-60). Cham: Springer International Publishing. [DOI:10.1007/978-3-030-12085-6_5]
Send email to the article author
| Rights and permissions | |
 |
This work is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License. |
