top of page

Perfect storm: Cybersecurity situation in Mexico

Yesterday I had the opportunity to participate in a discussion titled “Navigating the storm: emerging cybersecurity technologies” at the 1000 Most Important Companies in Mexico Summit event. It was a pleasure to talk with Rosi Vérján, editor-in-chief of Mundo Executive about the challenges that companies have to address. I briefly summarize what was discussed:

Cybersecurity is an emerging and exponential technology, it is transversal and highly disruptive. This is how it should be approached. Especially now that it intersects with different technologies such as IoT, blockchain, cloud, quantum computing and of course, Artificial Intelligence. In each of these, cybersecurity has areas of opportunity, development and value generation.

It is important for our country that we can provide a cybersecure environment that includes a legal framework, cutting-edge technologies, processes and talent for companies that come to establish themselves as part of nearshoring. I am happy to share with you the launch of the Mexico Cybersecurity Alliance (AMCS), which will be a great positive force to revitalize the National Cybersecurity Strategy and the country's cyber protection ecosystem.

The above becomes even more relevant, because in Mexico we not only have to be aware of cyber risks but also take actions to avoid the potential loss of our companies. I share again that we had the privilege of being one of the sponsors of the 2023 Cybersecurity Survey (download it here) of the Internet MX Association and the results are so critical and forceful that they demand action.

Organizations are still not considering cybersecurity as a priority on their agendas. 29% of companies carry out awareness campaigns only when they suffer an incident. 64% do not have a budget allocated to cybersecurity, and 59% do not have any cybersecurity standard or reference framework implemented.

Most companies have implemented anti-malware software, updates their operating systems and programs, user authentication, and a password update policy. What they do least is identify critical assets and risk analysis, segregate functions and hire external cybersecurity services.

Let us remember that cyber attacks are much more successful if they are carried out with social engineering, that is to say that these incidents occur 95% due to human failures, we are the weakest link and therefore the one we should pay the most attention to through security programs. awareness and continuous training.

At CyberLat our mission is to communicate and raise awareness about the risks that cyberattacks represent for the development of the economy of our country and in Latin America. We are an active part of NGOs such as ANIA and the Internet MX Association, as well as directly in efforts carried out in the legislative branch, where we work to ensure that public cybersecurity policies are approved for the benefit of all of Mexico.

At CyberLat we recommend that your company or organization manage some services little by little, according to your needs and priorities, such as cyber risk management, cybersecurity posture, a vulnerability assessment, ethical hacking as well as having a preventive monitoring process and services. Our main recommendation will always be to invest in prevention and not wait to spend on recovery efforts. I also recommend having a response manager, an operational continuity plan, and a disaster recovery plan.


bottom of page