Design of the IADI Cybersecurity Model for the Ignug Academic Management System of the Yavirac Higher Technological Institute

Authors

  • Lorena Chulde Instituto Superior Tecnológico Yavirac, Ecuador Author
    • Hugo Défaz Universidad Central del Ecuador Author https://orcid.org/0000-0003-4477-7316

      DOI:

      https://doi.org/10.46480/esj.5.3.160

      Keywords:

      Cybersecurity, Cybersecurity Model, ISO, IEC 27002: 2017 Standard, Magerit Methodology, Risk Analysis, Risk Management, Software Security

      Abstract

      In this article, the risk management procedure is disclosed, through the analysis and treatment of risks, identifying assets, threats, impact and safeguards, applying the Magerit methodology in order to design the Model of IADI Cybersecurity through the controls chosen from the ISO / IEC 27002: 2017 security standard that allows the personnel of the Software Development Area of ​​the Yavirac Higher Technological Institute, the mitigation of the risks found on the platform and in this way guarantees the normal operation of the Ignug Academic Management System.

      Downloads

      Download data is not yet available.

      References

      Baca Urbina, G. (2019). Introducción de la Seguridad Informática. In G. E. Patria (Ed.), Introducción a la Seguridad Informática (p. 54).

      Magerit. (2012a). Metodología de Análisis y Gestión de Riesgos de los Sistemas de Información. https://administracionelectronica.gob.es/pae_Home/pae_Documentacion/pae_Metodolog/pae_Magerit.html?idioma=es%0Ahttp://administracionelectronica.gob.es/pae_Home/pae_Documentacion/pae_Metodolog/pae_Magerit.html

      Magerit. (2012b). Metodología de Análisis y Gestión de Riesgos de los Sistemas de Información - Catálogo de Elementos. https://administracionelectronica.gob.es/pae_Home/pae_Documentacion/pae_Metodolog/pae_Magerit.html?idioma=es%0Ahttp://administracionelectronica.gob.es/pae_Home/pae_Documentacion/pae_Metodolog/pae_Magerit.html

      Magerit. (2012c). Metodología de Análisis y Gestión de Riesgos de los Sistemas de Información - Guía de Técnicas https://administracionelectronica.gob.es/pae_Home/pae_Documentacion/pae_Metodolog/pae_Magerit.html?idioma=es%0Ahttp://administracionelectronica.gob.es/pae_Home/pae_Documentacion/pae_Metodolog/pae_Magerit.html

      Norma ISO/IEC 27002:2017. (2017). Código de buenas prácticas para los controles de seguridad de la información (ISO/IEC 27002:2013 incluyendo Cor 1:2014 y Cor 2:2015). 1–34. https://www.une.org/encuentra-tu-norma/busca-tu-norma/norma?c=N0058429

      OWASP. (2017). Project Spotlight: OWASP Top 10.

      Roa Buendía, F. J. (2013). Seguridad informática (M. D. C. Ariadna Allés, Paloma Sánchez (ed.)). www.mhe.es/cf/informatica

      Sánchez Cano, G. (2018). Seguridad cibernética Hackeo etico y programacion defensiva (C. de M. Alfaomega Grupo Editor, S.A. de C.V. – Dr. Isidoro Olvera No. 74, Col. Doctores, C.P. 06720, Cuauhtémoc (ed.); Primera E).

      Downloads

      Published

      2021-11-30

      Issue

      Vol. 5 No. 3 (2021): RITAM 2021

      Section

      Research Paper

      License

      Authors retain the copyright of their articles and are therefore free to share, copy, distribute, perform, and publicly communicate their work on their personal websites or in institutional repositories after its publication in this journal, provided that full bibliographic information is given to acknowledge its original publication.

      How to Cite

      [1]
      L. Chulde and H. Défaz, “Design of the IADI Cybersecurity Model for the Ignug Academic Management System of the Yavirac Higher Technological Institute”, Ecuad. Sci. J, vol. 5, no. 3, pp. 272–292, Nov. 2021, doi: 10.46480/esj.5.3.160.
      Crossref
      Scopus
      Google Scholar
      Europe PMC

      Similar Articles

      1-10 of 137

      You may also start an advanced similarity search for this article.