Cybersecurity in Public Institutions in Chimborazo: A Situational Assessment
DOI:
https://doi.org/10.55204/trc.v5i2.e498Keywords:
Ciberseguridad, ISO 27001, NIST, políticas digitales, resiliencia, amenazas cibernéticasAbstract
This article presents a situational diagnosis of cybersecurity in public institutions of the Chimborazo province, Ecuador. The core issue lies in the insufficient institutional readiness to face growing cyber threats, especially in a context where governmental systems handle critical and sensitive information. The significance of this problem is evidenced by the steady increase in cyberattacks across Latin America, with public entities being among the most vulnerable. Previous studies have identified normative fragmentation, limited budget allocation, and lack of technical training as key structural weaknesses. In response, this article proposes a mixed-method study based on a systematic literature review, regulatory analysis, and a local case study supported by survey data. Comparative statistics between Ecuadorian provinces and a projected cybersecurity maturity model for Chimborazo (2025–2030) are presented. The findings show that only 35% of local institutions have implemented cybersecurity policies and that basic practices such as regular password changes are not yet widespread. The study concludes that coordinated strategies aligned with international standards such as ISO/IEC 27001 and the NIST framework are urgently needed, alongside the creation of a provincial CSIRT to strengthen the digital resilience of public services.
Downloads
References
Banco Interamericano de Desarrollo. (2023). Ciberseguridad en América Latina y el Caribe. https://publications.iadb.org
Check Point. (2024). Cyber Attack Trends: 2024 Mid-Year Report. https://www.checkpoint.com
CISA. (2023). Defending against malicious email. https://www.cisa.gov
Cobalt.io. (2025). Top cybersecurity statistics. https://www.cobalt.io
CrowdStrike. (2023). Global Threat Report 2023. https://www.crowdstrike.com
ENISA. (2023). Threat landscape 2023. European Union Agency for Cybersecurity. https://www.enisa.europa.eu
ISC2. (2023). Cybersecurity workforce study 2023. https://www.isc2.org
IT Ahora. (2025). Ciberseguridad en Ecuador: cultura digital y normativa. https://itahora.com
Kaspersky. (2023). Perspectivas y tendencias de ciberseguridad en América Latina. https://www.kaspersky.com
KPMG. (2023). Resiliencia cibernética post ataques en Costa Rica. https://home.kpmg/cr
MINTEL Ecuador. (2022). Estrategia Nacional de Ciberseguridad 2022–2025. https://www.telecomunicaciones.gob.ec
Molina‑Granja, F., & Rodríguez, G. D. (2017). The preservation of digital evidence and its admissibility in the court. International Journal of Electronic Security and Digital Forensics, 9(1), 1–18. https://doi.org/10.1504/IJESDF.2017.10002624
Molina‑Granja, F., Rodríguez, G. D., Lozada‑Yánez, R., & Cabezas‑Heredia, E. (2019). Implementation of the PREDECI model in the prosecution of Chimborazo in Ecuador: A case study evaluation. International Journal of Electronic Security and Digital Forensics, 11(2), 85–102. (DOI no disponible públicamente)
Mazon-Fierro, M., Molina-Granja, F., Mendoza, X. P. L., Jara, A. P., & Swaminathan, J. N. (2022). Towards a Model of Information Audit in the Document Management of Public Institutions. In Inventive Communication and Computational Technologies: Proceedings of ICICCT 2022 (pp. 797-807). Singapore: Springer Nature Singapore.
Mordor Intelligence. (2024). Latin America cybersecurity market. https://www.mordorintelligence.com
NIST. (2022). Framework for improving critical infrastructure cybersecurity (Version 1.1). National Institute of Standards and Technology. https://www.nist.gov
OCDE. (2021). Public governance review: Ciberseguridad en América Latina. Organisation for Economic Co-operation and Development. https://www.oecd.org
Paucar-León, V. J., Molina-Granja, F., Lozada-Yánez, R., & Santillán-Lima, J. C. (2022). Model of Long-Term Preservation of Digital Documents in Institutes of Higher Education. In International Conference on Knowledge Management in Organizations (pp. 257-269). Cham: Springer International Publishing.
UIT. (2023). Global Cybersecurity Index 2023. Unión Internacional de Telecomunicaciones. https://www.itu.int
Downloads
Published
Issue
Section
License
Copyright (c) 2025 Fernando Molina-Granja, Diana Carolina Guambo-Vallejo, Juan Carlos Santillán-Lima, Raúl Lozada-Yánez
This work is licensed under a Creative Commons Attribution 4.0 International License.
The authors retain the moral and patrimonial rights of their works. They only give to the magazine Tesla Revista Científica the right to the first publication of this. Since Tesla Revista Científica is an open access publication, readers can fully or partially reproduce its content as long as they properly credit the corresponding authors and the journal itself. Tesla Revista Científica undertakes not to make commercial use of the texts it receives and/or publishes.
Our journal is governed by the international policies SHERPA/RoMEO: Green journal: They allow the self-archiving of both the pre-print (draft of a paper) and the post-print (the version corrected and reviewed by peers) and even the final version ( layout as it will be published in the journal).
See also "Copyright and licences".
