Local Network Data Security Alternatives for Small and Medium-Sized Enterprises

Abstract

This article has been carried out because Cybersecurity is the practice of protecting systems, networks, and data from unauthorized access, use, disclosure, disruption, modification, or destruction. In short, it is the security of everything connected to the internet. Our country has recognized the importance of cybersecurity and has implemented several initiatives to protect its citizens’ critical infrastructure and data. These initiatives include the National Cybersecurity Strategy, Security Operations Centers (SOCs), and training programs. Small- and medium-sized enterprises in our country are exposed to these problems and lack the capacity or access to these resources; therefore, the present work proposes low-cost alternatives. The paper aims to provide best-in-class cybersecurity proposals that reflect publicly available standards and best practices, resulting from consensus among international experts with a wide range of skills, Knowledge, and experience in the field. Additional guidance for implementing the requirements of ISO/IEC 27001:2022 and NIST SP 800-53, as defined by Information Security Management Systems (ISMS), will also be added. Adoption will benefit the company by increasing its resistance to cyberattacks. Preparation for new threats, Integrity, confidentiality, and availability of information, Security on all media, Protection throughout the company, and Cost savings. The proposed equipment must handle internet speeds exceeding 50 Mbps and be integrated with other systems, with installation and configuration details provided to demonstrate its general functionality. The use of protective equipment for the safety net, its explanation, and awareness of its importance are targeted at small and medium-sized enterprises.