Public organizations lack adequate models and methods to efficiently support and manage processes related to information security and IT investments. The objective is to optimize the management of strategic projects planned to improve the information security of a public organization and make efficient use of its available resources. The deductive method and exploratory research were used to review and analyze the available information. A mathematical model resulted that optimizes two objectives: (1) minimizing the costs of the strategic projects to be executed, and (2) maximizing the percentage of improvement in the organization’s information security. According to the result of the simulation, a subset of planned strategic projects was obtained that allows improving the information security of a public organization from 84.64% to 92.20%, considering the budgetary limitations of the organization. It was concluded that the proposed model is efficient, practical and can be a support tool for the IT management of a public organization.
Public organizations are subjected to a complex security situation, which can be addressed by permanently strengthening and evaluating their cybersecurity capabilities. The objective of this research is to develop a model to identify the cybersecurity management capacity of public organizations. The deductive method was applied for the review and analysis of criteria, factors and variables related to cybersecurity capacity in public organizations. It resulted in a model to identify the Cybersecurity Management Capacity of public organizations, with its process to assess and categorize organizations according to their level of cybersecurity capacity. It was concluded that public organizations from developed countries in cybersecurity such as Spain have better capacities (greater than 60% CMC) than less developed countries such as Ecuador (less than 60% CMC), due to the cybersecurity context where these organizations operate. To obtain a high level of cybersecurity, public organizations must have the support of the governments of the different political divisions of a country, as well as permanent international collaboration in the field of cybersecurity.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.