Most countries in Latin America and the Caribbean are in the evolving phase of the International Telecommunication Union's (ITU) 2024 Global Cybersecurity Index. The UN agency's index analyzed 194 countries, dividing them into five levels: Building, Evolving, Establishing, Advancing, and Role Modelling.
According to this indicator, the countries in the region that are "Evolving" are: Argentina, Bahamas, Barbados, Belize, Bolivia, Dominica, El Salvador, Grenada, Guatemala, Guyana, Haiti, Honduras, Nicaragua, Saint Kitts and Nevis, Saint Lucia, Saint Vincent and the Grenadines, Suriname, and Venezuela.
Following these are the countries in the "Establishing" phase: Chile, Colombia, Costa Rica, Cuba, Dominican Republic, Jamaica, Panama, Paraguay, Peru, and Trinidad and Tobago.
The nations in the "Advancing" status are Ecuador, Mexico, and Uruguay, while the only country in the region that qualified as a Role Model is Brazil.
Since 2021, on average, countries have taken more actions and made improvements in their cybersecurity commitments, raising the global average to 65.7 points out of 100, the document highlights.
"The 2024 Global Cybersecurity Index shows significant improvements in countries implementing essential legal measures, plans, capacity-building initiatives, and cooperation frameworks, especially in strengthening incident response capabilities," said Cosmas Luckyson Zavazava, Director of the ITU Telecommunication Development Bureau.
The Index highlights that last year, 8 billion records were breached as part of 2,800 reported violations, meaning the average cost of a data breach increased by 15 percent over the past three years.
"These incidents can be costly; for small businesses in North America alone, the average breach is estimated to cost $3.3 million," the report details.
Countries also risk losing user trust in Information and Communication Technologies (ICT) due to these data breaches.
"To provide resources and rights to users, as well as clear expectations for organizations handling data, countries have implemented regulations on personal data protection, privacy protection, and/or breach notification," the ITU indicates.
Recommendations
Despite the progress, the international body mentions that countries should consider efforts to implement legal measures that can be applied clearly and fairly across all sectors.
They should also promote cross-functional efforts that address more than just information technology and maintain well-trained and responsive national institutions, including computer incident response teams.
Additionally, it suggests involving a wide range of stakeholders in all cybersecurity initiatives and developing and periodically updating the national cybersecurity strategy with an actionable implementation plan.
Furthermore, it calls for cybersecurity awareness campaigns addressing relevant issues and creating incentive mechanisms to encourage capacity building in cybersecurity and research and development, as well as fostering national and international cooperation and collaboration in information sharing and capacity building.
