{"id":"https://openalex.org/W2802515083","doi":"https://doi.org/10.1093/cybsec/tyy002","title":"Cybersecurity incident response capabilities in the Ecuadorian financial sector","display_name":"Cybersecurity incident response capabilities in the Ecuadorian financial sector","publication_year":2018,"publication_date":"2018-01-01","ids":{"openalex":"https://openalex.org/W2802515083","doi":"https://doi.org/10.1093/cybsec/tyy002","mag":"2802515083"},"language":"en","primary_location":{"id":"doi:10.1093/cybsec/tyy002","is_oa":true,"landing_page_url":"https://doi.org/10.1093/cybsec/tyy002","pdf_url":"https://academic.oup.com/cybersecurity/article-pdf/4/1/tyy002/27126908/tyy002.pdf","source":{"id":"https://openalex.org/S2735156331","display_name":"Journal of Cybersecurity","issn_l":"2057-2085","issn":["2057-2085","2057-2093"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310311648","host_organization_name":"Oxford University Press","host_organization_lineage":["https://openalex.org/P4310311648","https://openalex.org/P4310311647"],"host_organization_lineage_names":["Oxford University Press","University of Oxford"],"type":"journal"},"license":"cc-by-nc","license_id":"https://openalex.org/licenses/cc-by-nc","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Journal of Cybersecurity","raw_type":"journal-article"},"type":"article","indexed_in":["crossref","doaj"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://academic.oup.com/cybersecurity/article-pdf/4/1/tyy002/27126908/tyy002.pdf","any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5010992567","display_name":"Frankie E Catota","orcid":null},"institutions":[{"id":"https://openalex.org/I5459901","display_name":"Universidad Internacional SEK","ror":"https://ror.org/00nk5y742","country_code":"EC","type":"education","lineage":["https://openalex.org/I5459901"]},{"id":"https://openalex.org/I74973139","display_name":"Carnegie Mellon University","ror":"https://ror.org/05x2bcf33","country_code":"US","type":"education","lineage":["https://openalex.org/I74973139"]}],"countries":["EC","US"],"is_corresponding":true,"raw_author_name":"Frankie E Catota","raw_affiliation_strings":["Department of Engineering and Public Policy, Carnegie Mellon University, USA","Engineering Department, Universidad Internacional SEK, Ecuador"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Department of Engineering and Public Policy, Carnegie Mellon University, USA","institution_ids":["https://openalex.org/I74973139"]},{"raw_affiliation_string":"Engineering Department, Universidad Internacional SEK, Ecuador","institution_ids":["https://openalex.org/I5459901"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5030880091","display_name":"M. Granger Morgan","orcid":"https://orcid.org/0000-0003-1384-5814"},"institutions":[{"id":"https://openalex.org/I74973139","display_name":"Carnegie Mellon University","ror":"https://ror.org/05x2bcf33","country_code":"US","type":"education","lineage":["https://openalex.org/I74973139"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"M Granger Morgan","raw_affiliation_strings":["Department of Engineering and Public Policy, Carnegie Mellon University, USA"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Department of Engineering and Public Policy, Carnegie Mellon University, USA","institution_ids":["https://openalex.org/I74973139"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5076697184","display_name":"Douglas Sicker","orcid":"https://orcid.org/0000-0003-0296-5212"},"institutions":[{"id":"https://openalex.org/I74973139","display_name":"Carnegie Mellon University","ror":"https://ror.org/05x2bcf33","country_code":"US","type":"education","lineage":["https://openalex.org/I74973139"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Douglas C Sicker","raw_affiliation_strings":["Department of Engineering and Public Policy, Carnegie Mellon University, USA"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Department of Engineering and Public Policy, Carnegie Mellon University, USA","institution_ids":["https://openalex.org/I74973139"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":3,"corresponding_author_ids":["https://openalex.org/A5010992567"],"corresponding_institution_ids":["https://openalex.org/I5459901","https://openalex.org/I74973139"],"apc_list":{"value":1864,"currency":"USD","value_usd":1864},"apc_paid":{"value":1864,"currency":"USD","value_usd":1864},"fwci":3.289,"has_fulltext":false,"cited_by_count":31,"citation_normalized_percentile":{"value":0.93541257,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":94,"max":99},"biblio":{"volume":"4","issue":"1","first_page":null,"last_page":null},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9991999864578247,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9991000294685364,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/business","display_name":"Business","score":0.6495108604431152},{"id":"https://openalex.org/keywords/scarcity","display_name":"Scarcity","score":0.6024109125137329},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.4914194345474243},{"id":"https://openalex.org/keywords/financial-services","display_name":"Financial services","score":0.48620742559432983},{"id":"https://openalex.org/keywords/public-relations","display_name":"Public relations","score":0.4627227187156677},{"id":"https://openalex.org/keywords/cyber-attack","display_name":"Cyber-attack","score":0.4411603808403015},{"id":"https://openalex.org/keywords/data-breach","display_name":"Data breach","score":0.4388476610183716},{"id":"https://openalex.org/keywords/service","display_name":"Service (business)","score":0.419717401266098},{"id":"https://openalex.org/keywords/finance","display_name":"Finance","score":0.4077039062976837},{"id":"https://openalex.org/keywords/marketing","display_name":"Marketing","score":0.2660754323005676},{"id":"https://openalex.org/keywords/economics","display_name":"Economics","score":0.17429879307746887},{"id":"https://openalex.org/keywords/political-science","display_name":"Political science","score":0.12977683544158936},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.12600046396255493}],"concepts":[{"id":"https://openalex.org/C144133560","wikidata":"https://www.wikidata.org/wiki/Q4830453","display_name":"Business","level":0,"score":0.6495108604431152},{"id":"https://openalex.org/C109747225","wikidata":"https://www.wikidata.org/wiki/Q815758","display_name":"Scarcity","level":2,"score":0.6024109125137329},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.4914194345474243},{"id":"https://openalex.org/C139043278","wikidata":"https://www.wikidata.org/wiki/Q837171","display_name":"Financial services","level":2,"score":0.48620742559432983},{"id":"https://openalex.org/C39549134","wikidata":"https://www.wikidata.org/wiki/Q133080","display_name":"Public relations","level":1,"score":0.4627227187156677},{"id":"https://openalex.org/C201307755","wikidata":"https://www.wikidata.org/wiki/Q4071928","display_name":"Cyber-attack","level":2,"score":0.4411603808403015},{"id":"https://openalex.org/C165609540","wikidata":"https://www.wikidata.org/wiki/Q1172486","display_name":"Data breach","level":2,"score":0.4388476610183716},{"id":"https://openalex.org/C2780378061","wikidata":"https://www.wikidata.org/wiki/Q25351891","display_name":"Service (business)","level":2,"score":0.419717401266098},{"id":"https://openalex.org/C10138342","wikidata":"https://www.wikidata.org/wiki/Q43015","display_name":"Finance","level":1,"score":0.4077039062976837},{"id":"https://openalex.org/C162853370","wikidata":"https://www.wikidata.org/wiki/Q39809","display_name":"Marketing","level":1,"score":0.2660754323005676},{"id":"https://openalex.org/C162324750","wikidata":"https://www.wikidata.org/wiki/Q8134","display_name":"Economics","level":0,"score":0.17429879307746887},{"id":"https://openalex.org/C17744445","wikidata":"https://www.wikidata.org/wiki/Q36442","display_name":"Political science","level":0,"score":0.12977683544158936},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.12600046396255493},{"id":"https://openalex.org/C175444787","wikidata":"https://www.wikidata.org/wiki/Q39072","display_name":"Microeconomics","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1093/cybsec/tyy002","is_oa":true,"landing_page_url":"https://doi.org/10.1093/cybsec/tyy002","pdf_url":"https://academic.oup.com/cybersecurity/article-pdf/4/1/tyy002/27126908/tyy002.pdf","source":{"id":"https://openalex.org/S2735156331","display_name":"Journal of Cybersecurity","issn_l":"2057-2085","issn":["2057-2085","2057-2093"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310311648","host_organization_name":"Oxford University Press","host_organization_lineage":["https://openalex.org/P4310311648","https://openalex.org/P4310311647"],"host_organization_lineage_names":["Oxford University Press","University of Oxford"],"type":"journal"},"license":"cc-by-nc","license_id":"https://openalex.org/licenses/cc-by-nc","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Journal of Cybersecurity","raw_type":"journal-article"}],"best_oa_location":{"id":"doi:10.1093/cybsec/tyy002","is_oa":true,"landing_page_url":"https://doi.org/10.1093/cybsec/tyy002","pdf_url":"https://academic.oup.com/cybersecurity/article-pdf/4/1/tyy002/27126908/tyy002.pdf","source":{"id":"https://openalex.org/S2735156331","display_name":"Journal of Cybersecurity","issn_l":"2057-2085","issn":["2057-2085","2057-2093"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310311648","host_organization_name":"Oxford University Press","host_organization_lineage":["https://openalex.org/P4310311648","https://openalex.org/P4310311647"],"host_organization_lineage_names":["Oxford University Press","University of Oxford"],"type":"journal"},"license":"cc-by-nc","license_id":"https://openalex.org/licenses/cc-by-nc","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Journal of Cybersecurity","raw_type":"journal-article"},"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":37,"referenced_works":["https://openalex.org/W48379747","https://openalex.org/W608130084","https://openalex.org/W620042716","https://openalex.org/W644893764","https://openalex.org/W1499966149","https://openalex.org/W1516532723","https://openalex.org/W1547450212","https://openalex.org/W1602220440","https://openalex.org/W1979361802","https://openalex.org/W2017809722","https://openalex.org/W2033561955","https://openalex.org/W2037202491","https://openalex.org/W2060678717","https://openalex.org/W2107966619","https://openalex.org/W2110770770","https://openalex.org/W2117667893","https://openalex.org/W2117906159","https://openalex.org/W2152146950","https://openalex.org/W2156607688","https://openalex.org/W2167842235","https://openalex.org/W2170523326","https://openalex.org/W2271008257","https://openalex.org/W2294662036","https://openalex.org/W2339721090","https://openalex.org/W2390008750","https://openalex.org/W2469644868","https://openalex.org/W2782478641","https://openalex.org/W3118517595","https://openalex.org/W3121840377","https://openalex.org/W3125210271","https://openalex.org/W3161918289","https://openalex.org/W3214833809","https://openalex.org/W4210266400","https://openalex.org/W4231625493","https://openalex.org/W4247220691","https://openalex.org/W6694164379","https://openalex.org/W6788651489"],"related_works":["https://openalex.org/W4361022974","https://openalex.org/W4385250032","https://openalex.org/W3183968355","https://openalex.org/W1933110306","https://openalex.org/W3115198773","https://openalex.org/W4293335300","https://openalex.org/W2898883186","https://openalex.org/W2357427153","https://openalex.org/W4291634614","https://openalex.org/W4386164797"],"abstract_inverted_index":{"Cyber-threats":[0],"have":[1,44],"been":[2,34,233],"successfully":[3],"targeting":[4],"the":[5,12,18,74,77,95,107,114,174,216,226,237,256,261],"financial":[6,69,79,176,208,258],"sector":[7,177,196],"worldwide.":[8],"While":[9],"much":[10],"of":[11,41,204,207,239,263],"efforts":[13],"and":[14,87,103,126,130,141,144,167,186,192,209,212,223,266],"resources":[15],"to":[16,36,50,52,60,62,65,111,113,163,165,249,279,285],"address":[17],"risk":[19],"imposed":[20,199,214],"by":[21,183,200,215],"these":[22,42,63],"cyber":[23,46],"threats":[24],"are":[25,276],"directed":[26],"at":[27,132],"developed":[28,96],"economies,":[29],"far":[30],"less":[31],"attention":[32],"has":[33,230],"devoted":[35],"developing":[37],"nations.":[38],"Because":[39],"many":[40],"nations":[43],"modest":[45],"capabilities,":[47],"their":[48,67],"ability":[49],"respond":[51,61,112],"cyber-attacks":[53,146],"can":[54],"be":[55],"limited,":[56],"yet":[57],"they":[58],"need":[59],"attacks":[64],"protect":[66],"critical":[68],"infrastructure.":[70],"This":[71],"study":[72],"explores":[73],"challenges":[75,213],"that":[76,173,229,244],"Ecuadorian":[78,175,257],"industry":[80],"confronts":[81,179],"when":[82],"dealing":[83],"with":[84,120,159],"cybersecurity":[85,109,180],"incidents":[86],"examines":[88],"two":[89,145],"potential":[90],"strategies":[91,254],"often":[92],"applied":[93],"in":[94,190,225],"world\u2014\u201cComputer":[97],"Security":[98],"Incident":[99],"Response":[100],"Teams":[101],"(CSIRT)\u201d":[102],"\u201cinformation":[104],"sharing\u201d\u2014to":[105],"improve":[106],"sector\u2019s":[108],"capabilities":[110],"associated":[115],"risk.":[116],"Thirty-three":[117],"semi-structured":[118],"interviews":[119],"multiple":[121],"stakeholders":[122,275],"(financial":[123],"security":[124,127,160,289],"managers":[125,131],"officers,":[128],"authorities,":[129],"Internet":[133],"service":[134],"providers)":[135],"were":[136],"conducted":[137],"using":[138],"both":[139,184],"structured":[140],"open-ended":[142],"questions,":[143],"scenarios.":[147],"Based":[148],"upon":[149],"a":[150,264],"qualitative":[151],"text":[152],"analysis,":[153],"this":[154],"work":[155],"reports":[156],"on":[157],"experiences":[158],"incidents,":[161],"barriers":[162],"responding":[164],"threats,":[166,274],"stakeholders\u2019":[168,241],"desired":[169],"responses.":[170],"We":[171],"find":[172],"already":[178],"risks,":[181],"driven":[182],"outsiders":[185],"insiders,":[187],"which":[188],"result":[189],"fraud":[191],"operational":[193],"failures.":[194],"The":[195],"faces":[197],"constraints":[198],"computer":[201],"users\u2019":[202],"lack":[203],"awareness,":[205],"scarcity":[206],"technical":[210,281],"resources,":[211],"ecosystem,":[217],"such":[218],"as":[219,283],"little":[220],"community":[221],"support":[222],"weaknesses":[224],"legal":[227],"framework":[228],"only":[231],"recently":[232],"somewhat":[234],"strengthened.":[235],"In":[236],"pursuit":[238],"improvement,":[240],"postures":[242],"suggest":[243],"there":[245],"is":[246],"an":[247,267],"opportunity":[248],"establish":[250],"better":[251],"incident":[252],"response":[253],"for":[255],"services":[259],"through":[260],"creation":[262],"CSIRT":[265],"information-sharing":[268],"program.":[269],"To":[270],"decrease":[271],"uncertainty":[272],"about":[273,288],"more":[277],"likely":[278],"share":[280],"information":[282,287],"opposed":[284],"quantitative":[286],"incidents.":[290]},"counts_by_year":[{"year":2026,"cited_by_count":2},{"year":2025,"cited_by_count":2},{"year":2024,"cited_by_count":5},{"year":2023,"cited_by_count":7},{"year":2022,"cited_by_count":7},{"year":2021,"cited_by_count":3},{"year":2020,"cited_by_count":3},{"year":2019,"cited_by_count":2}],"updated_date":"2026-05-19T21:40:30.786675","created_date":"2025-10-10T00:00:00"}