La ciberseguridad como prioridad empresarial dentro de marcos los regulatorios y normativos internacionales

Cindy Johanna Choez-Calderón; Mora Olivero Aldo-Patricio

doi:10.55813/gaea/rcym/v3/n3/38

PDF (Spanish) HTML (Spanish)

Published: 2025-07-15

DOI: https://doi.org/10.55813/gaea/rcym/v3/n3/38

Keywords:

cybersecurity, international regulation, risk management, international standards, corporate sustainability

Choez-Calderón, Cindy Johanna

Universidad Técnica Luis Vargas Torres de Esmeraldas

https://orcid.org/0000-0003-3968-9397

Aldo-Patricio, Mora Olivero

Universidad Técnica Luis Vargas Torres de Esmeraldas

https://orcid.org/0000-0002-4337-7452

Abstract

The study critically examines how cybersecurity has become a strategic business priority in the face of proliferating digital threats and increasing international regulatory fragmentation. Using an exploratory literature review approach, scientific publications, technical reports and key regulations such as GDPR, CCPA and ISO/IEC 27001 were collected and analyzed, identifying the challenges organizations face in harmonizing standards and meeting diverse legal obligations. The results reveal that regulatory heterogeneity increases operational complexity, raises compliance costs, and creates legal and reputational risks. However, it is observed that the adoption of international standards contributes to strengthening institutional trust, facilitates alignment with local requirements and enhances corporate resilience in the face of security incidents. The discussion highlights that standardization not only acts as a reactive response to regulatory pressures, but also as a proactive strategy to consolidate corporate legitimacy and competitive advantage. It is concluded that integrating cybersecurity into the organizational culture and prioritizing recognized frameworks constitutes a central axis of sustainability and differentiation, requiring investment, continuous training and managerial commitment to face a dynamic and complex digital environment.

Downloads

Download data is not yet available.

Issue

Vol. 3 No. 3 (2025): New Perspectives on Multidisciplinary Reality

Section

Artículos

This work is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License.

Author Biographies

Choez-Calderón, Cindy Johanna, Universidad Técnica Luis Vargas Torres de Esmeraldas

Systems and Computer Engineer, Master in Information Technologies, in the last year of her PhD, four years of teaching experience, 2 books published, 20 scientific articles, president of thesis tribunal.

Aldo-Patricio, Mora Olivero, Universidad Técnica Luis Vargas Torres de Esmeraldas

Systems and Computer Engineering, Master's Degree in Information Technology

How to Cite

Choez-Calderón, C. J., & Aldo-Patricio, M. O. (2025). Cybersecurity as a business priority within international regulatory and policy frameworks. Scientific Journal Science and Method, 3(3), 14-27. https://doi.org/10.55813/gaea/rcym/v3/n3/38

References

Bada, M., & Nurse, J. R. C. (2019). Developing cybersecurity education and awareness programmes for small- and medium-sized enterprises (SMEs). Information & Computer Security, 27(3), 393–410. https://doi.org/10.1108/ICS-07-2018-0080 DOI: https://doi.org/10.1108/ICS-07-2018-0080

Bamberger, K. A., & Mulligan, D. K. (2015). Privacy on the Ground: Driving Corporate Behavior in the United States and Europe. MIT Press. DOI: https://doi.org/10.7551/mitpress/9905.001.0001

Barzola-Plúas, Y. G., Samaniego-Quiguiri, D. P., Núñez-Ribadeneyra, R. A., & Bonilla-Morejón, D. M. (2023). Protección de datos personales en la era de la computación cuántica y sus desafíos legales. Revista Científica Ciencia Y Método, 1(3), 45-57. https://doi.org/10.55813/gaea/rcym/v1/n3/19 DOI: https://doi.org/10.55813/gaea/rcym/v1/n3/19

Bonilla-Fierro, L. F., & Boné-Andrade, M. F. (2025). Desarrollo de plataformas de comunicación inclusivas mediante diseño universal. Revista Científica Ciencia Y Método, 3(2), 59-73. https://doi.org/10.55813/gaea/rcym/v3/n2/5 DOI: https://doi.org/10.55813/gaea/rcym/v3/n2/5

Castelo-Vinueza, E. M. (2025). Problemas de la investigación tecnológica y su aplicación en la generación de innovación. Journal of Economic and Social Science Research, 5(1), 146–160. https://doi.org/10.55813/gaea/jessr/v5/n1/166 DOI: https://doi.org/10.55813/gaea/jessr/v5/n1/166

Cavusoglu, H., Cavusoglu, H., & Raghunathan, S. (2004). Economics of IT security management: Four improvements to current security practices. Communications of the Association for Information Systems, 14, 65–75. https://doi.org/10.17705/1CAIS.01403 DOI: https://doi.org/10.17705/1CAIS.01403

Erazo-Luzuriaga, A. F. (2024). Integración de las TICs en el aula: Un análisis de su impacto en el rendimiento académico. Revista Científica Zambos, 3(1), 56-72. https://doi.org/10.69484/rcz/v3/n1/12 DOI: https://doi.org/10.69484/rcz/v3/n1/12

European Union Agency for Cybersecurity. (2020). Threat Landscape 2020. ENISA.

Galarza-Sánchez, P. C. (2023). Adopción de Tecnologías de la Información en las PYMEs Ecuatorianas: Factores y Desafíos. Revista Científica Zambos, 2(1), 21-40. https://doi.org/10.69484/rcz/v2/n1/36 DOI: https://doi.org/10.69484/rcz/v2/n1/36

Galarza-Sánchez, P. C., Agualongo-Yazuma, J. C., & Jumbo-Martínez, M. N. (2022). Innovación tecnológica en la industria de restaurantes del Cantón Pedro Vicente Maldonado. Journal of Economic and Social Science Research, 2(1), 31–43. https://doi.org/10.55813/gaea/jessr/v2/n1/45 DOI: https://doi.org/10.55813/gaea/jessr/v2/n1/45

Greenleaf, G. (2018). Global data privacy laws 2017: 120 national data privacy laws, including Indonesia and Turkey. Privacy Laws & Business International Report, (145), 10–13. https://papers.ssrn.com/sol3/papers.cfm?abstract_id=2993035

Herath, T., & Rao, H. R. (2009). Protection motivation and deterrence: A framework for security policy compliance in organisations. European Journal of Information Systems, 18(2), 106–125. https://doi.org/10.1057/ejis.2009.6 DOI: https://doi.org/10.1057/ejis.2009.6

Humphreys, E. (2007). Implementing the ISO/IEC 27001 Information Security Management System Standard. Artech House.

IBM Security. (2024). Cost of a Data Breach Report 204. https://www.ibm.com/security/data-breach

International Organization for Standardization. (2013). ISO/IEC 27001:2013 Information technology – Security techniques – Information security management systems – Requirements. ISO.

Karamanov, B., & Mitreva, E. (2022). Benefits and challenges of implementing ISO/IEC 27001 standard in small and medium enterprises. Quality-Access to Success, 23(192), 17–23.

Kostopoulos, G. (2018). Cybersecurity Programs and Policies: Procedures and Controls for Government and Corporate Systems. Burlington, MA: Jones & Bartlett Learning.

Kshetri, N. (2014). 1 The Emerging Role of Big Data in Key Development Issues: Opportunities, Challenges, and Concerns. Big Data for Development, 1–34. https://doi.org/10.1177/2053951714564227 DOI: https://doi.org/10.1177/2053951714564227

Kuner, C. (2013). Transborder Data Flows and Data Privacy Law. Oxford University Press. DOI: https://doi.org/10.1093/acprof:oso/9780199674619.001.0001

NIST. (2018). Framework for Improving Critical Infrastructure Cybersecurity. National Institute of Standards and Technology. https://doi.org/10.6028/NIST.CSWP.04162018 DOI: https://doi.org/10.6028/NIST.CSWP.04162018

Puhl, K., & Frey, R. (2021). Cybersecurity regulatory frameworks in the European financial sector. Journal of Banking Regulation, 22(3), 215–229.

Safa, N. S., & Von Solms, R. (2016). An information security knowledge sharing model in organizations. Computers in Human Behavior, 57, 442–451. https://doi.org/10.1016/j.chb.2015.12.037 DOI: https://doi.org/10.1016/j.chb.2015.12.037

Sánchez-Caguana, D. F., Philco-Reinozo, M. A., Salinas-Arroba, J. M., & Pico-Lescano, J. C. (2024). Impacto de la Inteligencia Artificial en la Precisión y Eficiencia de los Sistemas Contables Modernos. Journal of Economic and Social Science Research, 4(3), 1–12. https://doi.org/10.55813/gaea/jessr/v4/n3/117 DOI: https://doi.org/10.55813/gaea/jessr/v4/n3/117

Sangacha-Tapia, L., González-Cañizalez, Y., & Rivas-Herrera, J. (2025). Optimización de Criterios de Búsqueda avanzada para Nuevas Tendencias en la Académica mediante Machine Learning. Revista Científica Zambos, 4(2), 197-211. https://doi.org/10.69484/rcz/v4/n2/114 DOI: https://doi.org/10.69484/rcz/v4/n2/114

Sund, K. J. (2020). Managing cybersecurity in supply chains: A systematic literature review and future research agenda. Computers & Security, 92, 101833.

Voigt, P., & Von dem Bussche, A. (2017). The EU General Data Protection Regulation (GDPR): A Practical Guide. Springer. https://doi.org/10.1007/978-3-319-57959-7 DOI: https://doi.org/10.1007/978-3-319-57959-7

Von Solms, R., & Van Niekerk, J. (2013). From information security to cyber security. Computers & Security, 38, 97–102. https://doi.org/10.1016/j.cose.2013.04.004 DOI: https://doi.org/10.1016/j.cose.2013.04.004

Article Sidebar

Main Article Content