Conference Agenda

In the last decade, cloud services have become an essential tool for the transformation of industrial companies, standing out for their scalability, flexibility, and sustainability. This study aims to analyze how these technologies enhance versatility in companies currently facing challenges related to cybersecurity while contributing to sustainability in industrial processes. The PIOC and PRISMA methodologies were employed, selecting 31 relevant articles from databases such as Scopus and IEEE as part of a systematic literature review. The results revealed that cloud services enable industrial companies to adjust their resources in real-time, improving operational efficiency by 30-40% and reducing costs by up to 25% compared to traditional methods. However, significant risks were identified, including insufficient authentication and misconfigurations, which account for 60% of security incidents. Proposed strategies such as advanced firewalls, intrusion detection systems, and cybersecurity training have shown to reduce these risks by 50%, furthermore, virtualization and intelligent resource management have demonstrated a 20-30% reduction in energy consumption, minimizing the carbon footprint and promoting sustainable practices. Companies adopting green technologies in data centers achieve compliance with environmental regulations in over 90% of cases. In conclusión cloud services provide significant value to industrial companies but require comprehensive strategies to balance security, sustainability, and operational versatility. Additionally, exploring emerging technologies, such as artificial intelligence and blockchain, is recommended to optimize risk management and maximize the benefits of cloud services' versatility in industrial environments.

Currently, information security is essential for organizations across all sectors, particularly for military institutions, which handle sensitive data and operate in high-security environments. Cyberattacks, such as unauthorized access and data manipulation, are rapidly evolving in complexity, significantly increasing the risks faced, both personally and organizationally. Vulnerabilities in technological infrastructures, caused by software failures, misconfigurations, or weaknesses in security protocols, create openings for attackers, jeopardizing the integrity of systems. This article proposes a security monitoring tool designed to detect and manage vulnerabilities in real-time, using the Wazuh tool. A methodology was implemented, including the installation and configuration of Wazuh in the institution's technological infrastructure, followed by continuous monitoring. The results showed that, through monitoring, 115,311 events were detected in total, of which 37 were identified as authentication failures. Additionally, 135 vulnerabilities were detected, ranging from critical to medium levels. Wazuh demonstrated accuracy in monitoring and vulnerability detection, allowing for the timely implementation of corrective measures and strengthening system security.

Currently, organizations manage complex IT infrastructures characterized by a large number of interconnected devices. While interconnectivity provides operational advantages, it also complicates the control and detection of cyberattacks, increasing the likelihood of cybersecurity incidents. Such incidents can damage strategic objectives, cause financial losses, affect reputation, and steal confidential information. In a military institution, it is crucial to protect sensitive assets that may be targets for breaches of national security. These assets include not only strategic facilities but also classified information, advanced technological systems, and critical operational capabilities. In this context, this article presents SentinelJC, an open-source cybersecurity incident management tool that enables the Joint Command of the Armed Forces of Peru (CCFFAA) to manage events, incidents, and vulnerabilities based on the NIST framework with four key functions: prevention, detection, response, and recovery. Tools such as Security Onion and Wazuh are used for proactive threat detection, while iTop is employed for incident tracking and documented management. During a seven-day trial conducted to validate the tool, early detection of incidents and threats was achieved, allowing for optimized infrastructure security. This approach significantly contributed to reducing the risk of attacks and enhancing the response capability to cybersecurity incidents.

Open-Source Intelligence (OSINT) plays a crucial role in cybersecurity by enabling the collection and analysis of publicly available information to detect emerging threats. The Peruvian Army (EP) faces a significant challenge in relying on commercial tools that are not fully adapted to its specific operational needs, limiting their effectiveness in addressing the ever-evolving cyber threats. To bridge this gap, this paper proposes the development of OSINT EP, a customized solution designed specifically to enhance the EP's response capabilities to cybersecurity challenges. The OSINT EP tool integrates several APIs, such as X API, IPinfo.io, NewsAPI, and LookupClient, to perform real-time data analysis and detect threats from various sources. The OSINT EP tool enabled the identification of cyber threats through multiple APIs. The X API revealed an increase in mentions regarding vulnerabilities on social media, suggesting a greater public interest. The IP analysis with IPinfo.io detected an address linked to a known attack in Peru, recommending its blocking. NewsAPI identified incidents of cyberattacks on critical infrastructures, which led to alerts being issued to the authorities. Finally, the DNS analysis with LookupClient verified the security of an email server, recommending periodic security audits.

The growing use of IoT devices in companies has
increased cyber threats, affecting data security and business
operations. This study presents a systematic literature review to
identify cybersecurity best practices aimed at mitigating these risks.
Scientific articles published between 2019 and 2024 were analyzed in
the Scopus database. The results highlight the importance of
implementing detection software and audit tools, along with staff
training. Additionally, the current limitations in the adoption of these
practices by retail companies are discussed. This work contributes to
the understanding of how to strengthen cybersecurity in IoT,
guaranteeing a safer digital environment for the retail sector.

Abstract —This study explores the deployment of Rogue Access Points (Rogue APs) with realistic attack templates to assess cybersecurity vulnerabilities among cadets at the Peruvian Air Force Academy. Given the growing threat that Rogue APs pose to military networks, the research underscores the need to strengthen cadets' cybersecurity training.

A structured methodology was employed to design and implement realistic attack scenarios that replicate potential weaknesses in wireless networks. Through penetration testing exercises, the study evaluates cadets' ability to detect, respond to, and mitigate these threats. The findings suggest that incorporating Rogue APs into training programs significantly improves cadets' situational awareness and reaction times, equipping them with essential skills for real-world cyber defense.