The country is in the beginning stages of planning a national cybersecurity strategy, but unlike many Latin American countries, there does exist criminal penalties.
That is the assessment from experts in the Inter-American Development Bank and the Organization of American States who have just released a report on the countries of Latin America and the Caribbean. They called on the countries to step up their efforts on cybersecurity.
The report, done with assistance from Oxford University, shows the region is highly vulnerable to potentially devastating cyber attacks, said the Organization of American States.
The document is called “Are we ready in Latin America and the Caribbean?” The report shows that four out of every five countries in the region do not have a cybersecurity strategy or plans for protecting critical infrastructure, according to a summary. Two out of three countries do not have a command and control center for cybersecurity, and a large majority of prosecutors lack the capacity to punish cybercrimes and face other problems as well, it said. Costa Rica criminalized cyber crimes in 2012.
The report analyzes the state of preparedness of 32 countries based on 49 indicators, said the summary. It is the first significant examination of the level of preparedness in Latin America and the Caribbean against the growing threat of cybercrime, said the organizations.
Uruguay, Brazil, México, Argentina, Chile, Colombia and Trinidad and Tobago were reported to have achieved an intermediate level of preparedness, but remain far from advanced countries like the United States, Israel, Estonia and the Republic of Korea, said the summary.
“This report is a call to action to protect our citizen and our critical infrastructure for the 21st Century,” said Luis Alberto Moreno, president of the Inter-American Development
Bank, in a news release. “Our region arrived late to the Industrial Revolution. We cannot miss the opportunity that the Digital Revolution offers us. Because of that, cybersecurity must be a priority.”
The report notes that the Ministerio de Ciencia, Tecnología y Telecomunicaciones is the primary authority responsible for handling issues and developing policies related to Costa Rican cybersecurity. An internal ministry agency, the Centro de Respuesta de Incidentes de Seguridad Informática, is the national agency entrusted with the task of not only responding to disruptions to cybersecurity but also of coordinating national command and control functions, said the report.
The agency was credited with detecting a denial of service attack launched against the Instituto Costarricense de Electricidad in 2013, said the report.
Sixteen countries in the region have no coordinated capacity to respond to incidents, said the summary. And only six have a structured program of education in cybersecurity, which includes budgetary stability as well as mechanisms for research and the transfer of knowledge, it added.
The full report in Spanish and English is available HERE!