Cyberspace was created by the development of Information and Communication Technology (ICT). This makes it easier to access, manage information faster and more accurately, and improve the efficiency of performing activities and achieving business goals. On the other hand, the higher the usage of information technology, the higher the potential for organizational security incident gaps and cybercrime. Addressing this issue requires security standards that are appropriate and meet the requirements for organizations to know the maturity of cybersecurity. XYZ Organization is one of the government instances managing Indonesia's critical infrastructures. Although some international security standards have been implemented, the results of preparing for information security management are not yet optimal. Analysis of the NIST, CIS Controls v8, and ISO27002 standards was performed in this research. In addition, the analysis results are used as resources to create a cybersecurity maturity framework through the three standard approaches that underlie ICT management. And for the result, the proposed concepts of the 21 integrated cybersecurity categories are expected to become an asset in terms of XYZ organization's ICT management performance.