To be able to talk about effective information security against all types of attacks, from a simple cyber attack to cyber terrorism and even cyber warfare, awareness must be defined as a problem, not a solution. To solve this problem "You can not manage what you can not measure!" point of view must be the starting point. Information security problem can be solved if security awareness level can be measured accurately and raising the awareness level according to the measurements. After studies in the literature are examined, it is seen that there is no dynamic model for measuring the cyber security awareness, score based leveling, survey and focus area based approaches are used, measurements are made for certain levels/groups and do not have a certain leveling standardization. In this study, a "capability based dynamic model" has been proposed for the first time in order to measure awareness level. It is seen that the proposed model is superior to the models in literature by these specifications; designed in a stepped structure with leveling standardization, applicable to all groups/levels and capability based approach used. It is considered that the developed model will contribute to the increase of cyber security awareness.