With over 15 years of experience, CICTE’s Cybersecurity Program is the regional leader in aiding the Organization of American States (OAS)’ member states to build technical and policy-level cybersecurity capacities. Its initiatives and activities aim to ensure an open, secure, and resilient cyberspace throughout the Western Hemisphere.

Goals ...

Achievements

Resultados Cyber

Beneficiary Countries

Bandera Antigua and Barbuda
Antigua and Barbuda
Bandera Argentina
Argentina
Bandera Bahamas
The Bahamas
Bandera Barbados
Barbados
Bandera Belize
Belize
Bandera Bolivia
Bolivia
Bandera Brazil
Brazil
Bandera Canada
Canada
Bandera Chile
Chile
Bandera Colombia
Colombia
Bandera Costa Rica
Costa Rica
Bandera Dominica
Dominica
Bandera Ecuador
Ecuador
Bandera El Salvador
El Salvador
Bandera United States of America
United States of America
Bandera Grenada
Grenada
Bandera Guatemala
Guatemala
Bandera Guyana
Guyana
Bandera Haiti
Haiti
Bandera Honduras
Honduras
Bandera Jamaica
Jamaica
Bandera Mexico
Mexico
Bandera Nicaragua
Nicaragua
Bandera Panama
Panama
Bandera Paraguay
Paraguay
Bandera Peru
Peru
Bandera Dominican Republic
Dominican Republic
Bandera Saint Kitts and Nevis
Saint Kitts and Nevis
Bandera Saint Vincent and the Grenadines
Saint Vincent and the Grenadines
Bandera Saint Lucia
Saint Lucia
Bandera Suriname
Suriname
Bandera Trinidad and Tobago
Trinidad and Tobago
Bandera Uruguay
Uruguay
Bandera Venezuela
Venezuela

Activities

The Cybersecurity Program’s regional efforts are multi-faceted and focus on (I) policy development, (II) capacity building (including training and exercises), and (III) research and outreach.

  • I. Policy Development:

    The Program assists OAS member states in developing national cybersecurity strategies that involve all relevant stakeholders and are tailored to each nation’s legislative, cultural, economic, and structural situation.

  • II. Capacity Building:

    The Program helps to establish national computer security incident response teams (CSIRTs) and provides tailored technical assistance and training opportunities to strengthen national institutions and organizations. Addi- tionally, it has the CSIRTAmericas network, which provides threat intelligence and timely cybersecurity information among 29 CSIRTs from 20 OAS Member states.

  • III. Research and Awareness Raising:

    The Program develops technical documents, toolkits, and reports to guide policymakers, CSIRTs, infrastructure operators, private organizations, and civil society by highlighting current developments and identifying key cybersecurity issues and challenges in the region.

Strategic partners

Canada
Estonia
United Kingdom
United States of America
Amazon Web Services
CISCO
Citigroup
Cybernet
Facebook
Florida International University
Global Forum on Cyber Expertise
Governmental Advisory Committee (GAC) of the Internet Corporation for Assigned Names and Numbers
Instituto Nacional de Ciberseguridad (INCIBE)
ISACA
Microsoft
University of Oxford
Trend Micro
Twitter
World Economic Forum (WEF)
Inter-American Defense Board

Implemented by

Inter-American Committee Against Terrorism (CICTE)

News

Meetings

CICTE holds an annual meeting for the working group on cooperation and confidence-building measures in cyberspace.

Others events.

Publications

Challanges and Strategies:
          Considerations on Ransomware Attacks in the           Americas

This publication seeks to provide recommendations and reflections based on international best practices for decisionmakers at public and private sector organizations, regarding both the reality of a ransomware attack and its implications, to illustrate the process that occurs during an event and thus, provide spaces to examine how to address this challenge, what margin of action can be achieved, and how to discover certain patterns that indicate a possible evolution of this type of threat within an organization.

English | Español | Français | Português

Practical Guide for CSIRTs | Volume 2, 2023
          A Sustainable Business Model

This guide is a continuation of the document Best Practices for Establishing a National CSIRT, published by the Organization of American States (OAS) in 2016, focusing on planning and developing a Computer Security Incident Response Team (CSIRT) in the public sector in Latin America and the Caribbean. Based on the OAS's experience and real statistical data, the guide provides general recommendations and is not intended to be a static model but rather an adaptable resource for different local conditions regarding political, cultural, geographical, and legal systems.

English | Español

National Cybersecurity Strategies:           Lessons Learned and Reflections           from the Americas and Other Regions

This document is structured in five parts that address the key considerations relevant for the process of NCS development, implementation, and review ...

English

Considerations for the Design and           Implementation of a Cybersecurity           Promotion Fund

This paper contains a comparative study of the telecommunication development funds (TDF) of Brazil, Chile, Colombia, and Costa Rica and assesses the feasibility of adopting a similar model for funding initiatives to promote cybersecurity in Latin America. Specifically, the paper examines the existing governance, formation, fund collection, and criteria analysis mechanisms for resource allocation of the TDFs ...

Español | English | Français | Português

Online gender based violence           against women and girls

This manual provides updated information on the phenomenon of gender violence online, how it manifests and what the regional efforts are being conducted to counter it. The publication also includes practical steps to prevent it and guidance for victims of related cases ...

Español | English

Guide Basic Concepts:
          Online gender based violence           against women and girls

In addition to the publication entitled “Online gender violence against women and girls”, this basic concept guide is directed for cybersecurity-related public institutions, professionals and stakeholders who seek to understand the phenomenon of gender violence. online. It includes recommendations for policy makers and professionals who might handle complaints of this type ...

Español | English

Practical self protection handbook:
          Online gender based violence           against women and girls

In addition to the publication entitled “Online gender violence against women and girls”, this response guide aims to provide the necessary skills so that women can protect themselves individually and collectively in their online interactions and create their own virtual spaces where they are free from violence through practical advice on prevention, response to attacks, and complaint processes ...

Español | English

Media Literacy and Security: The
          Importance of Staying Safe
          and Informed

This publication provides tools and present best practices for monitoring, consuming, and sharing information, and recommendations for staying safe online, focusing, particularly, on Twitter ...

English | Español | Português

Cybersecurity of women during
           the COVID-19 pandemic

... Experiences, Risks, and strategies of self-care in the new digital normality - The report analyzes the cyber-attack scenario prompted by the health crisis in connection with the dynamics governing women’s access to and use of the Internet along with systemic (online and offline) conditions of gender inequality with a view to identifying certain cyberthreats reportedly affecting women specifically during this phase ...

English | Español | Português

State of Cybersecurity
          in the Colombian Financial
          System

The purpose of this study is to provide comprehensive information on the state of cybersecurity in the Colombian financial system, presenting trends regarding digital security challenges, information security risk management, and security event detection and analysis capabilities ...

Español

Cybersecurity Education: Planning
          for the Future Through Workforce
          Development

The document presents an educational approach to combat it, promoting solutions to include aspects of cybersecurity at all levels of training and education. The publication, likewise, offers a set of tools of initiatives and mechanisms at the national level to generate interest in cybersecurity careers ...

Español | English | Français | Português

Cybersecurity Capacity Review of
           the Federative Republic of Brazil

This study presents the cyber capabilities of the Federative Republic of Brazil with the objective of allowing the Government to obtain an understanding of its cybersecurity capacity, in order to strategically prioritize its investments in this matter.

Available in:
English | Español | Português

Cybersecurity Considerations of the
          Democratic Process for Latin
          America and the Caribbean

The publication presents an approach on the cyber threats that affect existing democratic processes in Latin America and the Caribbean and advances how to reduce their impacts on regional democracy. In addition, it offers information on the power of disinformation in the digital age, global efforts in cybersecurity and democracy, and some recommendations to protect electoral integrity.

Available in:
English | Español

Cyber-Risk Oversight Handbook
          for Corporate Boards

Boards of directors must take a leadership role in overseeing the security of their company's cyber systems. However, corporate boards in Latin America generally have low to medium maturity levels related to cybersecurity, and most boards have only a “formative” knowledge of cybersecurity. This publication is the result of a multi-stage process in which the OAS and the ISA engaged with hundreds of stakeholders from corporate boards, government, academia, and senior management throughout the region to help organizations protect themselves from cyber threats.

Available in:
Español | English | Português

Data Classification

This whitepaper seeks to provide guidance for the development of a data classification system for the purposes of ensuring access to and protection of information generated and processed by governments. The Whitepaper examines data classification approaches existing at the national and international level, to offer data classification as a functional tool and means to avert potential risks such as under or over classification of information.

Available in:
Español | English | Français | Português

Media Literacy and Digital Security
          Twitter Best Practices

This publication provides tools and good practices for the monitoring, consumption, and distribution of information, as well as recommendations to stay safe online, with a particular focus on Twitter.

Available in:
Español | English | Français | Português

NIST Framework: A comprehensive
          approach to cybersecurity

This publication focuses on the NIST Framework, its use, and case studies such as the UK and Uruguay. This a tool for cybersecurity risk management, which enables technological innovation adjusting to all types of organizations.

Available in:
Español | English | Français | Português

The State of Cybersecurity in the
          Mexican Financial System

The purpose of this study is to provide information on the State of Cybersecurity in the Mexican Financial System. The information analyzed in this study comes from a database of 240 entities and financial institutions participating in the Mexican financial system.

Español »

State of cybersecurity in the
          banking sector in Latin America
          and the Caribbean

This publication analyzes cybersecurity dimensions concerning banking entities in the region, as well as its customer to provide a specific panorama of the strengths and weaknesses of this sector.

English »

Critical Infrastructure Protection
          in Latin American and the Caribbean

(OAS-Microsoft, 2018). This report aims to reflect the experiences and practices of critical infrastructure and critical information infrastructure protection in Latin America and the Caribbean. As a region with a long history of cooperation and one of the first to cooperate on addressing cybersecurity threats, these learnings can be a valuable reference for the cybersecurity and critical infrastructure community.

Abrir »

Cybersecurity: Are we ready in
          Latin America and the Caribbean?

This study aims to deepen the knowledge of cybersecurity risks, challenges and opportunities in Latin America and the Caribbean. Using surveys and other data provided by experts and officials from thirty-two OAS member states, the report examines each country's “cyber maturity” in five dimensions: 1) cyber security policy and strategy; 2) cyber culture and society; 3) cybersecurity education, training, and competencies; 4) legal and regulatory frameworks; and 5) standards, organizations, and technologies.

Español | English

Cybersecurity and Critical Infrastructure
          in the Americas (OAS-Trend Micro 2015)

This report is intended to shed light on cybercrime activity and trends that take place in the Americas within the critical infrastructure sector. It also aims to provide insight on how fostering collaboration between these industries and their governments can strengthen their ability to combat cyber-attacks.

Español | English

Latin American and Caribbean Cyber
          Security Trends (OAS-Symantec 2014)

The report provides a truly comprehensive landscape of cybersecurity in the Americas, with information submitted by 30 out of the 32 countries in Latin America and the Caribbean. Together, the information provided a clear picture of where the region stood with regards to the cybersecurity by 2014. The report represents a multi-stakeholder effort, with contributions from Symantec, AMERIPOL, Microsoft, LACNIC, ICANN, and the Anti-Phishing Working Group.

Español | English

Study on the impact of digital
          incidents in Colombia (2017)

The information collected in this publication provides a complete overview of the attacks suffered by both the public and private sectors, as well as their level of preparedness to defend themselves against such attacks. The study tries to present the information according to the different profiles of both public and private institutions and numerous statistical tools have been used to facilitate the reader to draw their own conclusions.

Español

A guide of Best Practices for
          Establishing a National CSIRT (April 2016)

This guide discusses various types of CSIRTs, including the National CSIRTs, responding to security incidents computer science at the level of a state-country. This document analyzes the project management process for the creation and implementation of a national CSIRT, including different criteria and necessary considerations to define its constitution, mission, vision, scope, services, times, and legal and institutional or organizational aspects. In addition, the guide presents detailed descriptions of the infrastructure, including hardware, software, and technical procedures. Finally, different policies and procedures are analyzed required for smooth CSIRT operation. I also know analyze guidelines for membership and participation in certain international organizations, such as the Teams Forum Incident Response and Security (FIRST).

English | Español
More publications