Implementation of an Educational CSIRT at the Central University of Ecuador
摘要
This study aimed to validate the implementation of a Computer Security Incident Response Team (CSIRT) adapted to the university context, specifically at the Central University of Ecuador (UCE). A case study methodological design was used with a mixed qualitative-quantitative approach, based on incident simulations, training programs and the creation of a specialized team. The results revealed a 60% reduction in response time to incidents such as phishing, ransomware and unauthorized access. In addition, educational programs managed to reduce human errors by 45%, significantly increasing the perception of institutional security among students, teachers and administrative staff. The simulations carried out demonstrated the effectiveness of the CSIRT in the mitigation and prevention of cyber-attacks, high-lighting improvements of 67% in ransomware containment time and a 789% in-crease in voluntary incident reports. These results confirm that a CSIRT adapted to the educational field is an effective and replicable strategy to strengthen the security position in universities, enhancing prevention and response to cyber threats.