Cyber Risk and Vulnerability in Local Governments of Costa Rica: A Case Study (#239)

Authors

Quiros Perez, Fabiana

Rojas-Segura, Javier

Martinez-Villavicencio, Jose

Abstract

Cybersecurity has become a major global concern due to its direct connection to the protection of sensitive information. However, academic research has largely focused on other sectors, overlooking local governments that also face significant challenges. This gap in the literature is precisely what this study seeks to address. The research aimed to identify the main cybersecurity vulnerabilities affecting five selected municipalities of Costa Rica, as well as to assess their current level of cybersecurity maturity using the Cybersecurity Maturity Model. A case study methodology was used, applying a fourteen-dimensional questionnaire. This approach enabled the collection of data on cybersecurity policies, practices, and resources within the municipalities. Findings revealed a low level of cybersecurity maturity, particularly in areas such as “Cybersecurity Policies,” “Communications Security,” and “Cybersecurity Incident Management,” exposing municipalities to significant cyber risks. These results highlight the situation of digital public management, contributing to filling the academic gap on the subject.