Evaluation of the level of IT security deployed in the higher education institutes of the RIT II network
DOI:
https://doi.org/10.37431/conectividad.v4i1.49Keywords:
Technological security, Security policies, Higher technological institutes of Ecuador, Identification of vulnerabilities, Risk analysisAbstract
The objective of this investigation is to determine a baseline on the reality of information security (SI) in the institutes of higher education of the RIT II network, for which the information obtained through the application of an evaluation based on good practices related to the level of information security was analyzed. The objective is to identify the vulnerabilities presented by the institutes and categorize them according to their level of risk, in order to establish an adequate management and subsequent treatment with the development of policies and controls to minimize the impact in case of a security event. The deductive method and exploratory research were applied to examine the information obtained from the surveys generated using the ISO/IEC 27001:2013 – 27002:2013 framework. This analysis was able to determine the most critical vulnerabilities to which the educational institutions under study are exposed, evidencing that the security index of the analyzed institutions is moderately acceptable in their security objectives, as well as the lack of appropriation of referential security frameworks, raising the risk of security incidents.
References
Alvarado-Chang, Jorge. 2020. "Análisis De Ataques Cibernéticos Hacia El Ecuador." Revista Científica Aristas 2(1):18-27.Anon. n.d. "Iso 27000." Retrieved (https://www.iso27000.es/).
Cedeño Villacis, R. P. 2022. "Ciberseguridad y Ciberdefensa: Perspectiva de La Situación Actual En El Ecuador." Revista Tecnológica Ciencia y Educación Edwards Deming 50-62. https://doi.org/10.37957/rfd.v6i1.88
Digital), Secretaría General de Administración Digital (Ministerio de Asuntos Económicos y Transformación. n.d. "MAGERIT v.3 : Metodología de Análisis y Gestión de Riesgos de Los Sistemas de Información." Retrieved (https://administracionelectronica.gob.es/pae_Home/pae_Documentacion/pae_Metodolo g/pae_Magerit.html).
Fidler, David P. 2020. "Cybersecurity in the Time of COVID-19." Council on Foreign Relations (2020):7-9.
Información, Ministerio de Yelecomunicaciones y de la Sociedad de la. 2021. Política de Ciberseguridad. Vol. 15.
ISACA. n.d. "COBIT 2019."
Posincovich, Ayelén, Aylen Facco, Marco Gaiero, Pilar Fregona, Franco Bergero, and Marco Iazzetta. 2020. "Seguridad y Derechos Humanos:" Perspectivas Revista de Ciencias Sociales 19(9):147-54. https://doi.org/10.35305/prcs.v0i9.154
Suárez, Nubia Esperanza Suárez, and José Custodio Najar. 2014. "Evolución De Las Tecnologías De Información Y Comunicación En El Proceso De Enseñanzaaprendizaje." Vínculos 11(1):209-20.
Toapanta Toapanta, S. M., & Mafla Gallegos, L. E. 2019. "An Approach to Optimize the Management of Information Security in Public Organizations of Ecuador". https://doi.org/10.5772/intechopen.88931
Topuz, Arif Cem, Eda Saka, Ömer Faruk Fatsa, and Engin Kurşun. 2022. "Emerging Trends of Online Assessment Systems in the Emergency Remote Teaching Period." Smart Learning Environments 9(1). https://doi.org/10.1186/s40561-022-00199-6
Umbrasas, Vytautas. 2011. "Journal of Security and Sustainability Issues." Journal of Security and Sustainability Issues 1(2).
https://doi.org/10.9770/jssi.2011.1.2(0)
Vacca, John. n.d. "Managing Information Security." 2nd Editio:372.
Xolani, Moffat, and Patience Kelebogile. 2022. "Lecturers' Experiences of Administering Online Examinations at a South African Open Distance e-Learning University During the COVID-19." International Journal of Educational Methodology 8(2):275-83. https://doi.org/10.12973/ijem.8.2.275
Published
How to Cite
Issue
Section
License
Copyright (c) 2023 Instituto Superior Tecnológico Universitario Rumiñahui
This work is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License.
The originals published in the electronic edition under the first publication rights of the journal belong to the Instituto Superior Tecnológico Universitario Rumiñahui; therefore, it is necessary to cite the source in any partial or total reproduction. All the contents of the electronic journal are distributed under a Creative Commons Attribution-Noncommercial 4.0 International (CC-BY-NC 4.0) license.
2.png){kind=logo}
