TY - GEN
T1 - Cybersecurity maturity model for providing services in the financial sector in Peru
AU - Alayo, Jorge Gutierrez
AU - Mendoza, Paul Necochea
AU - Armas-Aguirre, Jimmy
AU - Molina, Juan Madrid
N1 - Publisher Copyright:
© 2021 IEEE.
PY - 2021
Y1 - 2021
N2 - In this paper, we proposed a cybersecurity maturity model for providing services to organizations in the financial sector. To develop this proposal, existing frameworks and models have been taken as a reference, expanding their scope by integrating cloud security and privacy capabilities. In this way, the proposed model is supported by a measurement tool that facilitates diagnosis and result visualization. The evaluation process is performed based on the fulfillment of controls, which are evaluated on a scale of five levels of maturity: 1. Initial, 2. In Development, 3. Defined, 4. Managed and 5. Optimized. The results are grouped by domains and functions. The model was validated with pilot studies in two entities from the financial sector in Lima, Peru. In the performed validation, the preliminary results showed an average acceptance level of 4.3 on a 1 to 5 scale while the obtained maturity level was 3. Those preliminary results allowed us to propose activities which eliminate the gaps found as well as improve the organization's capabilities in the evaluated process.
AB - In this paper, we proposed a cybersecurity maturity model for providing services to organizations in the financial sector. To develop this proposal, existing frameworks and models have been taken as a reference, expanding their scope by integrating cloud security and privacy capabilities. In this way, the proposed model is supported by a measurement tool that facilitates diagnosis and result visualization. The evaluation process is performed based on the fulfillment of controls, which are evaluated on a scale of five levels of maturity: 1. Initial, 2. In Development, 3. Defined, 4. Managed and 5. Optimized. The results are grouped by domains and functions. The model was validated with pilot studies in two entities from the financial sector in Lima, Peru. In the performed validation, the preliminary results showed an average acceptance level of 4.3 on a 1 to 5 scale while the obtained maturity level was 3. Those preliminary results allowed us to propose activities which eliminate the gaps found as well as improve the organization's capabilities in the evaluated process.
KW - cloud computing
KW - cybersecurity
KW - financial sector
KW - maturity model
KW - privacy data
UR - https://www.scopus.com/pages/publications/85123576751
U2 - 10.1109/CONIITI53815.2021.9619733
DO - 10.1109/CONIITI53815.2021.9619733
M3 - Contribución a la conferencia
AN - SCOPUS:85123576751
T3 - 2021 7th Congreso Internacional de Innovacion y Tendencias en Ingenieria, CONIITI 2021 - Conference Proceedings
BT - 2021 7th Congreso Internacional de Innovacion y Tendencias en Ingenieria, CONIITI 2021 - Conference Proceedings
A2 - Morales, Victor Manuel Fontalvo
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 7th Congreso Internacional de Innovacion y Tendencias en Ingenieria, CONIITI 2021
Y2 - 29 September 2021 through 1 October 2021
ER -