Dynamic Cybersecurity Model based on ISO standards for Higher Education Institutions in Colombia

Introduction: This article is the result of a research process whose product was to generate a guide for Higher Education Institutions (in Spanish, IES) to adopt a Cybersecurity Model based on ISO standards (International Organization for Standardization). Problem: IES do not have a cybersecurity model aligned to the ISO / IEC 27032: 2012 standard (International Organization for Standardization / International Electrotechnical Commission), which causes a lack of clarity and uncertainty in the level of maturity and a low efficiency in the processes and information security controls to be implemented. Objective: Propose a dynamic model of cybersecurity based on ISO standards for IES. Methodology: The development of this work was oriented under a line of applied research. Results: A dynamic model that can be adapted to the different needs and requirements of IES has been generated. Conclusion: IES can implement a cybersecurity model to prevent and protect information at the cyberspace level. Originality: At present there are no specific dynamic cybersecurity models for IES. Limitations: The model implementation guide is established in a general way to be applied later to an organization in any sector.