THE CHALLENGE OF CYBER-SECURITY IN CENTRAL AMERICA

When we talk and use in our vocabulary words like Cyber-security, Cyberspace, Cybernetic attacks, unconsciously we move to the future or we think about “Star Trek”. But no, that future is here and we must realize that today, in 2015, we are exposed to serious threats, which affect all aspects of the society, and if the countries and governments do not take serious measures to prevent them, the consequences could be serious indeed.

There’s an option to take preventive measures, through the “Central America Integration System” (known in Spanish as SICA), which following the European Union (EU) model as an institution of union of countries, should be strongly developed as an establishment of integration in this security section as a global concept.

Clearly different levels of maturity between these institutions should be considered, but SICA is working with a decisively and committedly with the spirit, principles and Central America’s integration purposes.

ciberseguridad

In 2011 the Central American Security Strategy (known in Spanish as ESCA) was approved as a basic instrument, from an integral perspective, for helping to guide the coordinated actions regarding security that will be adopted for the countries of the region, framed by their respective legal systems.

The general objective is to establish the components and necessary activities to strengthen people’s security and their assets in the region of Central America, allowing our people to achieve the goals of the sustainable human development.

The specific objectives are:

  1. Integrate the different efforts that the region makes regarding security to get better results and harmonize them.
  2. Facilitate the coordination and exchange of information and experiences between different parts and operative agencies of the region to combat more effectively the criminal activities in the region.
  3. Identify and manage the financials needs, resources and the training that requires the institutions responsible for the security
  4. Develop policies, programs, strategies and actions for prevention in the following topics: youth violence, armed violence, gender-based violence, illegal traffic and slave traffic, prevent since local acts and the effects of natural disasters specially those which are caused by global warming

Their strategic components are:

A. Crime combating. (Led by USA, Mexico, Colombia). Organized Crime, war against drug traffic, Deportees with criminal records or ex convicts, gangs, murder. War against illegal arms traffic, terrorism, corruption, other police and legal topic

B. Prevent (Led by Germany). Youth violence, armed violence, gender-based violence, immigrates illegal trafficking and trafficking or people, consumption of drugs, prevent since local acts and regional security and global warming

C. Rehabilitation, reintegration and prison security (Led by the BID)

D. Institutional strengthening and coordinating and monitoring of region strategic (Led by Spain)

Therefore, already exist the support and framework necessary to further and strengthen measures and although ESCA does not include the cyber-security as a main course of action, in my opinion, the decision to add this course as a priority on the overall countries strategy, certainly set the difference in Latin America respect security in the next 10 years.

 

SICA, as a regional institution should have as mission, encourage, promoting and boost, among others, that each member make and take specific and appropriate measures to confront cybernetics threats that endanger or risk personal information of its citizens, the important information of their institution, the good working of its critical facilities and infrastructures, In short, safeguard the National Security.

Remembering again the EU model in which every country is sovereign in its strategic, as a point of view could be taken 10 action lines (Decalogue) or axes which SICA could contribute as factor for dynamism, coordinating and driver of measures and in the near future the regulator thereof.

  1. To drive in each country specifics laws and regulations updated to new challenges in this topic (for example, there are several loopholes in the law in areas such as child pornography in many countries that is considerable influenced by the small penalty to the alleged offender.
  2. Promoting in the financial regulatory entities (Which is the most advanced in cyber-security) continuous strengthen its politics and actions looking for reduction in scams ratios, fraud and phishing in the region
  3. Help and promote actively the school education, for that the Ministry of Education should promote in the different levels of studies plans the introduction of subjects about cyber-security. Also concerning university education about information technology (IT) including masters and postgraduate in that topic. Certainly the improvement and further professionalization and specialization for the future security professionals in TI, will be directly proportional to cyber-security improvement in private corporations and government institutions.
  4. Promote regional development of the common strategic about minimum guarantee in cyber-security area. Remember in the cyberspace cannot be implemented barriers nor frontiers. Especial emphasis about under-age topics.
  5. Encourage and propone that every country have a Special Protection Plan in Critical Infrastructures
  6. Promote to each country member, developing high standards in cyber-security based on continuous and periodic exercises, testing the vulnerability of networks and analysis their sources code in critical applications. This affect the efficiency in the reaction and the size of the damage it could cause in case of being attacked.
  7. Promote the cooperation between countries sharing experiences and team of experts in this topic
  8. Formulate the creation of plans and specialist team for fast answer to possible attacks
  9. Promote with private corporations, training programs and population awareness to mitigate the risks these represents.
  10. Encourage the countries member capacities in I+D+I in this area

 

ciberseguridad3

To conclude, the priority regards to security of the regions governments, should be developing pro-active measures in short and medium term to lead their own cyber-security strategies. Start with the awareness and elaboration of campaigns for communication and education to promote that in all areas of the society. Certainly is the key to generate a solid base in the strategic for prevention and action, for the responsible entities in security area.

(Spanish version)

Carlos Aguayo

Director

Logo 1 - No background- CMYK 300dpi

Written by: Foro Red de Sinergias