Tesis Tecnologías de la Información

Permanent URI for this collectionhttp://repositorio.uta.edu.ec/handle/123456789/34849

Browse

Filter results by typing the first few letters
Now showing 1 - 1 of 1
  • No Thumbnail Available
    Item
    Análisis de seguridad basado en el marco de ciberseguridad del NIST para la protección del sistema informático de la Unidad Educativa “19 de Septiembre” del cantón Salcedo
    (Universidad Técnica de Ambato. Facultad de Ingeniería en Sistemas, Electrónica e Industrial. Carrera de Tecnologías de la Información, 2025-02) Narváez Tanguila Erika Thais; Sánchez Zumba Andrea Patricia
    The growing reliance on information systems in educational institutions highlights the need for robust cybersecurity strategies to safeguard sensitive data and ensure operational continuity. Educational environments, like the “19 de Septiembre” Educational Unit in Salcedo, are particularly vulnerable to cyber threats and physics due to limited resources and a lack of formalized practices. This research focuses on implementing security measures based on the NIST Cybersecurity Framework to address these challenges and improve the institution’s overall cybersecurity posture. The study began with the identification of physical and cyber threats, using a risk matrix, these threats were classified according to their probability and potential impact, providing a structured assessment of the vulnerabilities within the institution. The NIST framework was subsequently applied to evaluate the cybersecurity maturity level across its five key functions: Identify, Protect, Detect, Respond, and Recover. Results revealed that most functions remain at an initial level of maturity, characterized by informal and reactive practices, that make it more prone to incidents. To resolve these deficiencies, a cybersecurity guide tailored to the institution’s needs was developed. This guide provides a comprehensive strategy focusing on asset prioritization, policy creation, incident response protocols, and continuous staff training. The aim is to elevate the institution’s cybersecurity maturity while fostering a culture of proactive risk management. This study significantly enhances the resilience of the “19 de Septiembre” Educational Unit against cyber threats. Furthermore, the methodology and findings presented offer a replicable framework for other educational institutions facing similar cybersecurity challenges, ensuring alignment with international standards