Advanced cybersecurity controls at softwareONE Ecuador: strengthening corporate protection

Authors

  • Henry Nelson Revelo-Quiñónez

DOI:

https://doi.org/10.51247/pdlc.v7i3.777

Keywords:

advanced controls, corporate cybersecurity, data protection, phishing, ransomware

Abstract

The accelerated digital transformation process has exponentially increased organizations' exposure to highly sophisticated cyber threats. This article analyzes the current state of corporate cybersecurity at SoftwareONE Ecuador and identifies the main security gaps in the technology services sector in the country, where the average cybersecurity maturity of companies falls below 60%. Using a descriptive-analytical approach and specialized secondary sources, it proposes the implementation of advanced cybersecurity controls aligned with ISO/IEC 27001:2022 and NIST Cybersecurity Framework 2.0 standards, with emphasis on reducing vulnerabilities associated with phishing, ransomware and unauthorized credential access. Expected results include a significant reduction in vulnerabilities in the local technological infrastructure, strengthening of confidentiality, integrity and availability principles, and proactive compliance with Ecuador's Personal Data Protection Law. This work constitutes a methodological contribution applicable to subsidiaries of multinational companies with emerging operations in Ecuador

Downloads

Download data is not yet available.

References

Adebola , F., Ifeoluwa , W., Bunmi , S., & Viqaruddin , M. (08 de septiembre de 2024). Security compliance and its implication for cybersecurity. Obtenido de World Journal of Advanced Research and Reviews, 2024, 24(01), 2105-2121: https://wjarr.com/content/security-compliance-and-its-implication-cybersecurity

Almeida, F., Oliveira, J., & Cruz, J. (2024). Earlier decision on detection of ransomware identification: A comprehensive systematic literature review. Information, 15(8), 484. . Obtenido de mdpi.com: https://doi.org/10.3390/info15080484

Bezborodko, A. (2024). Cybersecurity threatscape for Latin America and the Caribbean: 2023–2024. Obtenido de global.ptsecurity.com: https://global.ptsecurity.com/en/research/analytics/cybersecurity-threatscape-for-latin-america-and-the-caribbean-2023-2024/#Navigation-1

Datta, P., Goyal, V., Shah, C., & Ghosh, A. (2025). A systematic review of voluntary cybersecurity standards and frameworks. International Journal of Information Security. . Obtenido de link.springer.com: https://link.springer.com/article/10.1007/s10207-025-01121-0

Foro Económico Mundial. (2023). Global Cybersecurity Outlook 2023. Obtenido de weforum.org: https://www.weforum.org/publications/global-cybersecurity-outlook-2023/

GMS Lexis. (28 de agosto de 2024). Ecuador enfrenta aumento de ciberataques mientras la inversión en ciberseguridad crece. Obtenido de lexis.com.ec: https://www.lexis.com.ec/noticias/ecuador-enfrenta-aumento-de-ciberataques-mientras-la-inversion-en-ciberseguridad-crece

González, C. (2023). Claves para el cumplimiento de la Ley de Protección de Datos en una empresa. Russell Bedford Ecuador. Obtenido de russellbedford.com.ec: https://russellbedford.com.ec/aplicacion-de-la-ley-de-proteccion-de-datos-en-una-empresa-ecuador/

International Organization for Standardization . (2022). ISO/IEC 27001:2022: Information security, cybersecurity and privacy protection – Information security management systems – Requirements. ISO. . Obtenido de iso.org: https://www.iso.org/standard/27001

IT ahora. (04 de junio de 2024). Presentación 5to. Informe Estado Actual de la Ciberseguridad Ecuador 2024: Sector privado. Obtenido de itahora.com: https://itahora.com/2024/06/04/presentacion-5to-informe-estado-actual-de-la-ciberseguridad-ecuador-2024-sector-privado/

ITU. (2022). Global Cybersecurity Index 2020. Obtenido de International Telecommunication Union: https://www.itu.int/en/ITU-D/Cybersecurity/Pages/global-cybersecurity-index.aspx

Luidold, S., & Jungbauer, A. (2024). Cybersecurity policy framework requirements for the establishment of highly interoperable and interconnected health data spaces. . Obtenido de Frontiers in Medicine: https://doi.org/10.3389/fmed.2024.1379852

Marican, M. N., Razak, S. A., Selamat, A., & Othman, S. H. (2023). Cyber security maturity assessment framework for technology startups: A systematic literature review. IEEE Access, 11, 5442–5452. . Obtenido de ieeexplore.ieee.org: https://doi.org/10.1109/ACCESS.2022.3229766

NIST. (2024). The NIST Cybersecurity Framework (CSF) 2.0 (NIST CSWP 29). U.S. Department of Commerce. . Obtenido de nvlpubs.nist.gov: https://nvlpubs.nist.gov/nistpubs/CSWP/NIST.CSWP.29.pdf

Positive Technologies. (2024). Cybersecurity threatscape for Latin America and the Caribbean: 2023–2024. Obtenido de global.ptsecurity.com: https://global.ptsecurity.com/en/research/analytics/cybersecurity-threatscape-for-latin-america-and-the-caribbean-2023-2024/

Saphirtek. (2024). Ciberataques en Ecuador: alarmante aumento en 2024. . Obtenido de aphirtek.com: https://www.saphirtek.com/blogs/ciberataques-en-ecuador-alarmante-aumento-en-2024

Sarkar, A. D., Eroglu, B., & Baykal, N. (2023). Counterattacking cyber threats: A framework for the future of cybersecurity. . Obtenido de Sustainability, 15(18), 13369.: https://doi.org/10.3390/su151813369

Urgilés, C., & Ron Egas, M. (2023). Análisis de riesgos y amenazas de ciberseguridad en el Estado ecuatoriano. . Obtenido de Pro Sciences: Revista de Producción, Ciencias e Investigación, 7(49). : https://journalprosciences.com/index.php/ps/article/download/676/721/1791

World Bank Group. (2023). World Development Report 2023: Migrants, Refugees, and Societies — Digital Economy and Cybersecurity. The World Bank. Obtenido de The World Bank: https://www.worldbank.org/en/publication/wdr2023

Downloads

Published

2026-07-01

How to Cite

Advanced cybersecurity controls at softwareONE Ecuador: strengthening corporate protection. (2026). Science Portal, 7(3), 472-495. https://doi.org/10.51247/pdlc.v7i3.777

Similar Articles

1-10 of 62

You may also start an advanced similarity search for this article.