Skip to main content
Skip to main content
Microsoft Security

Latin America is stepping up to the plate in cybersecurity policy

  • Paul Nicholas Senior Director, Digital Trust

A year ago Inter-American Development Bank (IDB) and the Organization of American States (OAS) asked themselves a question about cybersecurity: “Are We Ready in Latin America and the Caribbean?”. The conclusion of their 200 page report was essentially “No”, raising an alarm about Latin America’s critical situation in the cybersecurity arena. The report showed that Latin America was extremely vulnerable to potentially devastating cyber-attacks. Four in five states did not have cybersecurity strategies or plans for protecting critical infrastructure. Two in three lacked a any sort of command and control center for cybersecurity crises. Enforcement of laws against cyber-attacks was almost universally weak.

The last 12 months have seen the start of what looks like a remarkable turnaround. Take as an example Argentina, which will host the G20 in 2018. Only a few weeks ago, Argentine President Macri met with American President Trump to start bilateral work on cybersecurity, uniting the two states against cybercriminals and aiming to make cyberspace open, reliable and safe. The basis of this cooperation is not novel per se. The two allies are seeking to increase the coordination of their cyber politics, to share information and to foster private-public partnerships in the protection of key infrastructure. It may not be a novel approach but what matters most is that it is happening and that for the Argentine government it is real rather than window-dressing.

The IDB and OAS 2016 report noted the importance of legislative frameworks, investigation, the processing of electronic evidence, and the training of judges and prosecutors in the field of cybersecurity. It also urged states to inform public and private sector organizations when vulnerabilities are identified. Fortunately, this call to action did not fall on deaf ears and, within the past year, we have seen accelerating improvements in Latin America’s approach to cybercrime and cybersecurity legislation. The capstone of this was April 2017’s OAS resolution to increase cooperation, transparency, predictability, and stability in cyberspace. As well as aligning themselves with the global approach to cybersecurity outlined by the UNGGE, the OAS decided to establish a working group to drive enhancements to members’ cybersecurity legislation.

This OAS resolution is matched by a range of other actions that prove the good intentions of the different Latin American countries involved. In May, a group of military and government cyber experts from Latin America, the Caribbean, and the United States met at the “Partner Nation Command, Control, Communications, Computers and Cyberspace Symposium” (PNC5S). Their aim was to discuss the different strategies they could adopt in the face of every escalating threats in cyberspace. This type of regional cooperation is essential to tackling cybercrime and also to building up the resilience of cyberspace in the face to ever escalating cyberattacks.

All of this effort by Latin American governments does not matter simply because the United States or the European Union or China or the United Nations think it matters. Nor is the promotion of this agenda simply a convenient way to ensure Latin America isn’t a “weak link” in global approaches to dealing with cyberthreats and cybercrime. No, rather, these steps taken by Latin American governments matter because technology and cyberspace are becoming increasingly central to the interests of Latin America itself. For example, ICT industry revenues in Latin America are expected to increase by 20.3% from 2016 to 2017. Guadalajara, Mexico is being touted as a new Silicon Valley, driving billions in ICT exports and attracting investment from around the world. The International Conference on Software Engineering was held in the region for the first time in 2017 (in Buenos Aires).

The tide of change that has hit Europe, the US and Asia has not missed out Latin America. Governments from this part of the world have come to realize that lagging behind the curve is not an option, and it is reassuring to see those same governments stepping up to the plate. By learning from other parts of the world and from each other, countries across Latin America will assure their citizens, businesses, and public sector organizations can secure the economic, social, and even political benefits of technologies such as cloud, big data, and the Internet of Things. If in a year from now the IDB and the OAS were to ask again if Latin America is ready for this new future, the answer would likely be far more positive.