Andrey Ochepovsky, Senior Public Affairs Manager, Kaspersky
Today, Latin America can be considered a dynamically developing region. The state of cybersecurity is no exception. According to the World Bank and the International Telecommunications Union (ITU), the share of Internet users in the region already exceeds 80% (globally, this indicator amounts to approximately 67%). Its digital economy is also growing and could reach $1 trillion in value as soon as in 2026.
At the same time, digitalization is bringing benefits and challenges to economies globally – and Latin America is no exception. According to experts, more than 1,600 cyberattacks are reported in the region per second with the cumulative economic damage caused exceeding 1% of some countries’ GDP. In some cases, the impact was so severe that the authorities were forced to declare a national emergency to counter malicious actors – famously so in Costa Rica in 2022 after multiple government bodies had been attacked by the infamous Conti ransomware group.
These are just a few facts and figures which illustrate the urgency of cybersecurity-related issues for Latin America. It is important to mention the region’s nations clearly understand the importance of cybersecurity and are already doing a lot to create favorable conditions to counter malicious activities on the Internet. For example, Brazil has been recognized by the ITU as one of the ‘role-modelling’ (Tier 1) countries regarding its cybersecurity posture, while Ecuador, Mexico and Uruguay were graded as ‘advancing’ (Tier 2).
Still, there is always room for improvement – especially in such dynamic and fast-changing domain as cybersecurity. Below are a few general thoughts on how to improve security posture in Latin America:
1. Develop cybersecurity guidelines for most vulnerable areas
As global experience shows, both private and public operators desperately
need a set of recommendations, tailored specifically for their spheres of
activity, which would guide them how to best organize their work countering
malicious actors on the Internet. While some Latin American countries have
already made
a substantial progress in this direction, the majority of the region’s nations
still have a long road ahead.
When determining the areas which are in most urgent need of guidelines, governments could take into consideration prioritizing those industries which are most targeted by hackers in Latin America. According to the statistics, they include government (31%), manufacturing and trade (23%), healthcare (9%), finance (6%) as well as transport (5%). These sectors could be encouraged and advised on how to best build up cyber defenses and keep them relevant against ever evolving challenges. Furthermore, specific recommendations would be extremely useful for areas such as supply chains and the fast-growing ‘Internet of Things’ segment.
2. Strengthen further intraregional cooperation
It is worth mentioning that Latin American countries play an active role
in the global conversation on cybersecurity. Most notably, regional countries
provided
a meaningful contribution to the elaboration of the UN Convention against cybercrime
(adopted by the UN General Assembly on December 24, 2024), as well as
participate in the work of the Open-Ended Working Group on ICT (established by
the UN General Assembly on December 31, 2020).
Cybersecurity has been one of priorities in the dialogue between Latin America and the European Union. In 2023, the EU-LAC (Latin America and the Caribbean) Digital Alliance was launched in order to create favorable conditions for cooperation between the two sides on this issue.
Within the region, ICT-related intergovernmental dialogue show positive dynamics as well. Specifically, ministerial conferences on the information society are regularly held under the UN Economic Commission for Latin America and Caribbean (CEPAL). Their work is reflected in the Digital Agendas which serve as roadmaps of intraregional cooperation in key areas (the last one – eLAC2026 – was adopted in November 2024).
At the same time, there is definitely room for further joint work in the LAC. Relatively “low” language barriers in Latin America (most of its countries being Spanish-speaking) create favorable conditions for implementing cross-border initiatives on capacity building and sharing best practices in cybersecurity.
3. Promote public-private cooperation
Due to the nature of ICT, meaningful success in the fight against cyber threats is impossible without public-private cooperation. With their vast experience in countering hackers, protecting information infrastructure and capacity training, cybersecurity vendors, educational institutions as well as specialized NGOs could provide invaluable contributions.
In this regard, an example of the United Nations could be taken into consideration. While it is sovereign states that make all final decisions on ICT-related initiatives there, non-governmental actors are also encouraged to participate in discussion, sharing their knowledge and insights. Specifically, private entities were involved in elaboration of the above-mentioned UN Convention against cybercrime as well as the Global Digital Compact.
The same approach could be taken in Latin America. One such potentially useful measure could be inviting and encouraging relevant private organizations (companies, universities etc.) to provide external contributions to the work of regional intergovernmental ICT-related initiatives, including CEPAL ministerial conferences.
From its side, Kaspersky, as one of the world’s leading cybersecurity vendors, stands ready to expanding collaboration with Latin America and the Caribbean to bring on the cybersecure future for this region.
