Mexico City 2015 Blog: The State of Cybersecurity
Over half of all software installed in Mexico—which amounts to a commercial value of $1.2 billion—is pirated.
- Join AS/COA, Mexico's Secretariat of Foreign Affairs, and ProMéxico for "Mexico: A Look at Climate Change, Cybersecurity, and Energy in North America" on May 21 in Mexico City.
- Can't be there? Tune into the live webcast and follow #mxASCOA for updates.
Cybersecurity, says security risk analyst James Bosworth, is inherently a global issue since data travels irrespective of national boundaries. That said, the developing world is more vulnerable, due in particular to higher rates of pirated software. Since pirated software does not receive security patch updates, this leaves the machines it's installed on and entire networks those machines are connected to vulnerable to hacking and other cybersecurity threats. In 2012, Mexico saw cyberattacks go up 40 percent, and over half of all software installed (54 percent, to be precise) there is pirated, slightly below the Latin American average of 59 percent. Moreover, all that pirated software has a commercial value of $1.2 billion, an amount second in the region only to Brazil's $2.9 billion. In 2013, the Mexican economy on the whole lost $3 billion due to cybercrime.
The Mexican government has taken notice, and made some initial steps to address the issue. In 2011, the government set up a center within the Federal Police force to respond to cyberattacks, and currently there are four national computer security incident response teams (or CSIRTs, sometimes referred to also as computer emergency response teams, or CERTs) operating in the country. That said, Mexico's budget for cybersecurity did not increase in the last year, and, as Bosworth (better known as Boz) explains in this interview, there's much more governments can be doing:
Latin American governments need to get smarter faster about cybersecurity issues. … I think it makes sense for the region to create a sort of regional monitoring capability so that they know what threats are out there and they can share information about the threats and respond to them regionally, rather than incident by incident. It doesn’t help us if Colombia and Mexico and Chile and Brazil are all responding to the same vulnerability separately. They need to be sharing information both about what the vulnerabilities are and what the potential responses are. … Creating regulations that encourage and or hold legally liable corporations who need to respond would be a good step and creating model legislation that can then be worked into the country’s individual systems would be helpful for the region. |