Examinando por Autor "Verdugo Crespo, Gerson Leonardo"
Mostrando 1 - 1 de 1
- Resultados por página
- Opciones de ordenación
Ítem Acceso Abierto Propuesta de un modelo de madurez de ciberseguridad para Ecuador(Universidad Católica de Cuenca campus Cañar, 2023) Verdugo Crespo, Gerson Leonardo; Flores Urgiles, Cristhian Humberto; 0303016851ABSTRACT The purpose of this article is to propose a cybersecurity maturity model adapted to the needs and characteristics of Ecuador, which will allow the evaluation and improvement of cybersecurity capacity in organizations, government agencies and critical infrastructures in the country. The Model is called Cybersecurity Maturity Model of Ecuador (CMME), and the main objectives are; Develop a cybersecurity maturity model, with a proposal for the Ecuadorian State, determining its domains, maturity levels, functions and categories based on recognized standards and reference frameworks, which when applied allows establishing and evaluating cybersecurity in the country , a survey of documentary information will be carried out on the models and reference frameworks that will allow establishing the steps that must be followed for its preparation. In addition to developing a reference framework for future projects on cybersecurity maturity models for nations. To propose the following model, the ISO 27001 standard and three fundamental cybersecurity frameworks were studied, such as: CMM (Cybersecurity Capacity Maturity Model for Nations), C2M2 (Cybersecurity Capacity Maturity Model for Organizations), and NIST CSF (National Institute of Standards). and Technology) (Cybersecurity Framework), to which two types of comparative analysis were carried out to obtain the phases presented below, and evaluation of cybersecurity capabilities in Ecuador. Following the phases proposed in this article, it was possible to develop three of the six planned, which are: Analysis of the Ecuadorian Context, Definition of Objectives and Development of the Model, the three missing ones were not developed since being a proposal it cannot be test, implement, evaluate and therefore improve. In conclusion, it was possible to develop a cybersecurity maturity model, with its domains and subdomains, establish the maturity levels, functions and category that will serve as a reference when evaluating Ecuador's cybersecurity capacity, in addition to serving as a guide for the development of other cybersecurity frameworks for nations. KEYWORDS Cybersecurity, Maturity Model, Ecuador, Technology, CMM, C2M2, NIST CSF.
