Currently Information and Communication Technologies have become a transversal sector of all modern systems. According to the newspaper El País, by 2018 in Colombia 96% of companies use this medium for the development of their activities (País, 2018). The hypothesis of this monographic study proposes that, if organizations do not anticipate potential cybersecurity risks, their technological infrastructure will be affected, caused by a computer event or incident, which generates financial and reputational losses, legal actions and the impact on the continuity of your business. By virtue of the foregoing, this document is built taking as a reference a qualitative research methodology, proposed through four chapters including the proposed objectives: 1. The methodological development; 2. The current state of cybersecurity management and data protection in Colombian SMEs; 3. a strategic plan that contributes to the strengthening of digital assurance capabilities; 4. a technological proposal for the management of a cybersecurity event.