Importance of combining information security and cybersecurity in software development processes

Ochoa Torres, Raúl Antonio; Enrique López, David

Importancia de combinar seguridad de la información y ciberseguridad en procesos de desarrollo de software

dc.creator	Ochoa Torres, Raúl Antonio
dc.creator	Enrique López, David
dc.date	2025-06-30
dc.date.accessioned	2025-09-24T21:22:43Z
dc.date.available	2025-09-24T21:22:43Z
dc.identifier	https://esdegrevistas.edu.co/index.php/rcit/article/view/4962
dc.identifier	10.25062/2955-0270.4962
dc.identifier.uri	https://hdl.handle.net/20.500.14205/11631
dc.description	The use of specialized software is an imperative need for companies that wish to compete and differentiate themselves from their rivals. To have an in-house software development process, all measures and methodologies must be established to ensure that the generated product meets expected quality and reliability standards. Therefore, the integration of information security and cybersecurity with agile methodologies is necessary. This article explores the importance of incorporating information security and cybersecurity recommendations and practices into software development from the earliest stages of the software development life cycle using agile methodologies, which could mitigate risks and improve project stability in the face of future scenarios of uncertainty generated by external threats.	en-US
dc.description	El uso de software especializado es una necesidad imperiosa para las empresas que quieran competir y diferenciarse de sus rivales. Para contar con un proceso de desarrollo de software interno, deben establecerse todas las medidas y metodologías para garantizar que el producto generado cumpla con los estándares de calidad y confiabilidad esperados. Es necesaria, pues, la integración de la seguridad de la información y la ciberseguridad con las metodologías ágiles. Este artículo explora la importancia en el desarrollo de software la incorporación de recomendaciones y prácticas de seguridad de la información y ciberseguridad desde las primeras fases del ciclo de desarrollo de software con metodologías ágiles, lo que podría mitigar riesgos y mejorar la estabilidad de los proyectos ante futuros escenarios de incertidumbre generados por amenazas externas.	es-ES
dc.format	application/pdf
dc.language	spa
dc.publisher	Sello Editorial ESDEG	es-ES
dc.relation	https://esdegrevistas.edu.co/index.php/rcit/article/view/4962/5416
dc.relation	/ref/Baca, D., & Petersen, K. (2013). Prioritizing agile software security practices. Information and Software Technology, 56(8), 1027-1042.
dc.relation	/ref/Beck, K., et al. (2001). Manifesto for Agile Software Development. Agile Alliance. https://agilemanifesto.org/
dc.relation	/ref/Boehm, B., & Turner, R. (2003). Balancing Agility and Discipline: A Guide for the Perplexed. Addison-Wesley.
dc.relation	/ref/Campbell-Kelly, M. (2002). The computer history of software packages. IEEE Annals of the History of Computing, 24(1), 66-81. https://doi.org/10.1109/MAHC.2002.988810
dc.relation	/ref/Díaz-Arancibia, J., & Cadena-Martínez, R. (2023). Towards the integration of security practices in agile software development: A systematic mapping review. Applied Sciences, 13(7), 4578. https://doi.org/10.3390/app13074578
dc.relation	/ref/Global Risk Report. (2024). World Economic Forum, Pg 7-8. ISBN: 978-2-940631-64-3, https://n9.cl/mlb4i
dc.relation	/ref/International Organization for Standardization (ISO). (2022). ISO/IEC 27001:2022 Information technology. Security techniques. Information security management systems. Requirements. ISO.
dc.relation	/ref/International Organization for Standardization. (2023). ISO/IEC 27032:2023 - Information technology - Security techniques - Guidelines for cybersecurity. ISO.
dc.relation	/ref/Kersten, M. (2018). The DevOps transformation: Secure software development in the age of agile.
dc.relation	/ref/John Wiley & Sons, Inc. Manes, S., & Andrews, P. (1993). Gates: How Microsoft’s mogul reinvented an industry and made himself the richest man in America. Doubleday.
dc.relation	/ref/Nicolaysen, T., Sasson, R., Line, M. B., & Jaatun, M. G. (2010). Agile software development: The straight and narrow path to secure software? International Journal of Secure Software Engineering (IJSSE), 1(3), 71-85. https://doi.org/10.4018/jsse.2010070105
dc.relation	/ref/Oueslati, H., Rahman, M. M., & ben Othmane, L. (2015). Literature review of the challenges of developing secure software using the agile approach. In 10th International Conference on Availability, Reliability and Security (pp. 540–547). IEEE. https://doi.org/10.1109/ARES.2015.75
dc.relation	/ref/Poppendieck, M., & Poppendieck, T. (2003). Lean Software Development: An Agile Toolkit. Addison-Wesley.
dc.relation	/ref/San Miguel, J. (2018). Diseño y levantamiento de un sistema seguro de manejo de historias clínicas en Colombia. Universidad Nacional de Colombia. https://n9.cl/m91j0y
dc.relation	/ref/Schneier, B. (2000). Secrets and lies: Digital security in a networked world. John Wiley & Sons, Inc.
dc.relation	/ref/Schwaber, K., & Sutherland, J. (2020). The Scrum Guide: The Definitive Guide to Scrum: The Rules of the Game. https://scrumguides.org/scrum-guide.html
dc.relation	/ref/Stallings, W., Brown, L., & Bauer, M. (2018). Computer Security: Principles and Practice. Pearson Education Upper Saddle River, NJ, USA.
dc.relation	/ref/Whitman, M. E., & Mattord, H. J. (2018). Principles of Information Security. Cengage Learning.
dc.relation	/ref/Baca, D., & Petersen, K. (2013). Prioritizing agile software security practices. Information and Software Technology, 56(8), 1027-1042.
dc.relation	/ref/Beck, K., et al. (2001). Manifesto for Agile Software Development. Agile Alliance. https://agilemanifesto.org/
dc.relation	/ref/Boehm, B., & Turner, R. (2003). Balancing Agility and Discipline: A Guide for the Perplexed. Addison-Wesley.
dc.relation	/ref/Campbell-Kelly, M. (2002). The computer history of software packages. IEEE Annals of the History of Computing, 24(1), 66-81. https://doi.org/10.1109/MAHC.2002.988810
dc.relation	/ref/Díaz-Arancibia, J., & Cadena-Martínez, R. (2023). Towards the integration of security practices in agile software development: A systematic mapping review. Applied Sciences, 13(7), 4578. https://doi.org/10.3390/app13074578
dc.relation	/ref/Global Risk Report. (2024). World Economic Forum, Pg 7-8. ISBN: 978-2-940631-64-3, https://n9.cl/mlb4i
dc.relation	/ref/International Organization for Standardization (ISO). (2022). ISO/IEC 27001:2022 Information technology. Security techniques. Information security management systems. Requirements. ISO.
dc.relation	/ref/International Organization for Standardization. (2023). ISO/IEC 27032:2023 - Information technology - Security techniques - Guidelines for cybersecurity. ISO.
dc.relation	/ref/Kersten, M. (2018). The DevOps transformation: Secure software development in the age of agile.
dc.relation	/ref/John Wiley & Sons, Inc. Manes, S., & Andrews, P. (1993). Gates: How Microsoft’s mogul reinvented an industry and made himself the richest man in America. Doubleday.
dc.relation	/ref/Nicolaysen, T., Sasson, R., Line, M. B., & Jaatun, M. G. (2010). Agile software development: The straight and narrow path to secure software? International Journal of Secure Software Engineering (IJSSE), 1(3), 71-85. https://doi.org/10.4018/jsse.2010070105
dc.relation	/ref/Oueslati, H., Rahman, M. M., & ben Othmane, L. (2015). Literature review of the challenges of developing secure software using the agile approach. In 10th International Conference on Availability, Reliability and Security (pp. 540–547). IEEE. https://doi.org/10.1109/ARES.2015.75
dc.relation	/ref/Poppendieck, M., & Poppendieck, T. (2003). Lean Software Development: An Agile Toolkit. Addison-Wesley.
dc.relation	/ref/San Miguel, J. (2018). Diseño y levantamiento de un sistema seguro de manejo de historias clínicas en Colombia. Universidad Nacional de Colombia. https://n9.cl/m91j0y
dc.relation	/ref/Schneier, B. (2000). Secrets and lies: Digital security in a networked world. John Wiley & Sons, Inc.
dc.relation	/ref/Schwaber, K., & Sutherland, J. (2020). The Scrum Guide: The Definitive Guide to Scrum: The Rules of the Game. https://scrumguides.org/scrum-guide.html
dc.relation	/ref/Stallings, W., Brown, L., & Bauer, M. (2018). Computer Security: Principles and Practice. Pearson Education Upper Saddle River, NJ, USA.
dc.relation	/ref/Whitman, M. E., & Mattord, H. J. (2018). Principles of Information Security. Cengage Learning.
dc.rights	Derechos de autor 2025 Revista Ciberespacio, Tecnologia e Innovación	es-ES
dc.rights	https://creativecommons.org/licenses/by-nc-nd/4.0	es-ES
dc.source	Revista Ciberespacio, Tecnología e Innovación; Vol. 4 Núm. 7 (2025): Sociedad digital y tecnología disruptivas; 5-13	es-ES
dc.source	3028-3310
dc.source	2955-0270
dc.subject	amenaza	es-ES
dc.subject	ciberseguridad	es-ES
dc.subject	desarrollo de software	es-ES
dc.subject	metodologías ágiles	es-ES
dc.subject	riesgo	es-ES
dc.subject	seguridad de la información	es-ES
dc.subject	threat	en-US
dc.subject	cybersecurity	en-US
dc.subject	software development	en-US
dc.subject	agile methodologies	en-US
dc.subject	risk	en-US
dc.subject	information security	en-US
dc.title	Importance of combining information security and cybersecurity in software development processes	en-US
dc.title	Importancia de combinar seguridad de la información y ciberseguridad en procesos de desarrollo de software	es-ES
dc.type	info:eu-repo/semantics/article
dc.type	info:eu-repo/semantics/publishedVersion

Ficheros en el ítem

Ficheros	Tamaño	Formato	Ver
No hay ficheros asociados a este ítem.

Este ítem aparece en la(s) siguiente(s) colección(ones)

Ciberespacio, Tecnología e Innovación [48]

Mostrar el registro sencillo del ítem