ABSTRACT
Ecuador's constant technological growth is evident in recent years, great efforts have been devoted to the development of information systems for organizations, but only for the development of systems; unfortunately, there are few security controls or maintenance that have been implemented in those already mentioned. Ecuador has been the target of constant attacks and have been the result of the vulnerability of its information security. This is the consequence of having very poor control of their systems due to the neglect of senior management, reduced costs or simply complete ignorance of the subject by the staff. Auditing helps identify weaknesses in an organization in general or in systems where security is important. Every audit process is linked to a plan, realization and results, but it is thanks to the methodology that they will give us indicators to make changes to the system, that these results have relevance; as the parameters to be evaluated from the system are presented in the system. Our goal was to find key parameters for a correct security assessment against a cyberattack. Methodologies from various sources such as books, recognized standards methodologies, standardized guidance processes, among others were adapted and used. It was concluded that using guide the parameters found in our research helps an organization to have a stable yet secure system against a cyberattack.
- 2008 Six Steps to an Effective Continuous Audit Process: https://iaonline.theiia.org/six-steps-to-an-effective-continuous-audit-process. Accessed: 2019-11-21.Google Scholar
- Alberto Flores Quispe, C. Tipos De Hackers. 16--18.Google Scholar
- Cano, J.J. 2016. Cyberattacks---The Instability of Security and Control Knowledge. ISACA Journal. 5, 1 (2016), 1--5.Google Scholar
- Ciberataques | Editoriales | Opinión | El Universo: 2019. https://www.eluniverso.com/opinion/2019/04/16/nota/7287779/ciberataques. Accessed: 2019-09-18.Google Scholar
- Coello, N.I., Naranjo, R.A., Mafla, E. and Technologies, C. 2019. Impact on Administrative Processes by Cyberattacks in a Public Organization of Ecuador. July (2019).Google Scholar
- Diario El Comercio 2019. Ecuador ocupa el séptimo lugar en ciberseguridad en América Latina | El Comercio. Seguridad.Google Scholar
- Guayaquil conocerá beneficios de la política "Ecuador Digital" -- Ministerio de Telecomunicaciones y de la Sociedad de la Información: 2019. https://www.telecomunicaciones.gob.ec/guayaquil-conocera-beneficios-de-la-politica-ecuador-digital/. Accessed: 2019-09-18.Google Scholar
- ITU 2017. Global Cybersecurity Index (GCI) 2017. ITU Report.Google Scholar
- Listado de ministros y ministerios de Ecuador: 2015. https://www.expreso.ec/actualidad/listado-de-ministros-y-ministerios-de-ecuador-DPGR_8323545. Accessed: 2019-09-18.Google Scholar
- Nollet, L.M.L. 2019. ISO (International Organization for Standardization). Testing and Analysis of GMO-containing Foods and Feed. 273--276.Google Scholar
- Probando la madurez en la ciberseguridad en las instituciones financieras: https://www2.deloitte.com/ec/es/pages/financial-services/articles/probando-la-madurez-en-la-ciberseguridad-en-las-instituciones-fi.html. Accessed: 2019-09-18.Google Scholar
- Sabillon, R., Serra-Ruiz, J., Cavaller, V. and Cano, J. 2018. A comprehensive cybersecurity audit model to improve cybersecurity assurance: The cybersecurity audit model (CSAM). Proceedings - 2017 International Conference on Information Systems and Computer Science, INCISCOS 2017. 2017-Novem, (2018), 253--259. DOI:https://doi.org/10.1109/INCISCOS.2017.20.Google Scholar
- Standars ISO ISO 9126-2.Google Scholar
- Enterprise Cybersecurity: How to Build a Successful Cyberdefense Program ... - Scott Donaldson, Stanley Siegel, Chris K. Williams, Abdul Aslam - Google Libros.Google Scholar
Index Terms
- Definition of Parameters to Perform Audit in Cybersecurity for Public one Organization of Ecuador
Recommendations
An Approach of National and International Cybersecurity Laws and Standards to Mitigate Information Risks in Public Organizations of Ecuador
ICETM '19: Proceedings of the 2019 2nd International Conference on Education Technology ManagementToday, cybersecurity is very important, and Ecuador could suffer serious security problems that would compromise the information of its citizens if it does not change its laws and standards in public institutions. The objective of this article was to ...
Analysis of Cybersecurity Models Suitable to Apply in an Electoral Process in Ecuador
ICETM '19: Proceedings of the 2019 2nd International Conference on Education Technology ManagementWere analyzed different cybersecurity proposals to protect information, such as models, prototypes, approaches, frameworks, algorithms and evaluations. The problem is the lack of application of cybersecurity to electoral processes in Ecuador. The ...
Transforming Healthcare Cybersecurity from Reactive to Proactive: Current Status and Future Recommendations
AbstractThe recent rise in cybersecurity breaches in healthcare organizations has put patients’ privacy at a higher risk of being exposed. Despite this threat and the additional danger posed by such incidents to patients’ safety, as well as operational ...
Comments