Saturday, January 28, 2023

5 keys to designing an efficient cyber security law in Mexico

  • Cyber ​​security legislation in Mexico is more important than ever considering the increase in cyberattacks in the country.
  • A national cyber security law could increase compliance with good digital security practices in Mexican companies.
  • These are five key points for creating a national cyber security law that helps reduce cybercriminal activity in Mexico and protects both individuals and companies from cyberattacks.
  • Do you already know our Instagram account? Follow us

The lack of regulation in the field of cyber security is a pending issue in Mexico, and is increasingly urgent if we take into account that the scenario in our country in this area has deteriorated significantly during the last two years.

In the first year of the pandemic alone, the number of cyberattacks in our country tripled. In turn, 85 billion events were recorded during the first half of 2022, a figure showing a 40% increase compared to the same period in 2021.

Also in the first half of 2022, almost 60% of cyber attacks experienced in Latin America were focused on Mexico. This makes it the most attacked country in the region.

Nevertheless, Mexican companies have learned from these past two years and feel more prepared to confront and prevent cyberattacks.

we’re improving in mexico

according to survey results Digital Trust Insights 2023, Mexico Edition, 86% of companies said they have improved their ability to defend themselves against ransomware attacks and 78% responded effectively to cyberattacks. Also, in 2023, Mexican companies are expected to independently increase their budget to deal with cyberattacks; However, this is still not enough, which is why a national cyber security law could help strengthen their efforts.

A cyber security law initiative in Mexico opens up the possibility of creating a legal basis for prosecuting cybercrime. In turn, this could increase compliance with good digital security practices among Mexican companies.

However, in order to arrive at an efficient cyber security law, several points need to be kept in mind. IQSEC shares on Business Insider Mexico One to illustrate five key points that not only discourage cybercriminal activity, but also equip both individuals and companies with the necessary tools to defend themselves against cyberattacks.

1. Include items on cyber defense and cyber resilience

The law should include the category of “cyber security” within its ambit. It is defined as a subset of actions that seek to respond to cyber attacks immediately and/or automatically, in addition to identifying, making visible, neutralizing and controlling cyber threats.

It is aimed at protecting the critical assets of an organization or nation to protect people, data and core operations.

In turn, this should also include the heading of “cyber-resilience”. It should be understood as the ability to prepare to recover from a cyber attack and avoid economic loss and reputational damage, while maintaining trust in your environment.

2. Rely on Best Practices in the Cyber ​​Security Industry

IQSEC states that a national cyber security strategy should be outlined that is based on industry-recognized best practices; This is from the point of view of detection, protection, detection, response and recovery. Also, an active posture should be set up to counter any kind of cyber attack.

3. Include Identity Theft Protection Mechanisms

The law should establish safeguards against identity theft, with legal instruments that punish and classify the use of false or stolen identities as serious crimes. You should also generate security measures through the following:

a) Entities that provide a service that involves the handling of financial resources (cash and securities), goods or any part of the property of a person shall be required to carry out physical verification and verify the identity of the subjects carrying them out Must be bound. To do this, they must compare the individual’s general and biometric data against those registered with the INE or another official authority (for example, passports issued by the SRE). It is for reasonable certainty that the person is who they say they are and that the document they present is authentic.

b) Establish strong deterrence and, above all, make it easier for victims to submit relevant complaints and elements to be able to effectively prosecute those potentially responsible for committing cyber crimes.

4. Establish a cyber security framework that guarantees data security

The law should adopt a best practice cyber security framework so that public and private organizations can demonstrate that they take proactive action to protect both the identity of third parties and the confidential information they hold. This is so that, in the event of a breach, responsibility for both the action and the omission is rightly assumed.

In turn, an obligation to take security measures on confidential data should be established. This is so that, if they are extracted, they are encrypted and cannot be used.

5. Create cyber security awareness at all levels of society

The law should establish awareness programs at all levels of Mexican society. The ideal, according to IQSEC, is to establish basic education subjects or awareness programs in the correct use of technologies. It will help to fortify the user against cyber threats from an early age by helping him/her to learn and identify social engineering attacks, phishing, DDoS, etc.

Nation World News Desk
Nation World News Desk
Nation World News is the fastest emerging news website covering all the latest news, world’s top stories, science news entertainment sports cricket’s latest discoveries, new technology gadgets, politics news, and more.
Latest news
Related news