[ad_1]
Chile’s newly established cybersecurity agency ANCI may not be sufficient to confront the cyber threats facing the country’s critical infrastructure, and there is little information on the extent to which these threats have already impacted the country, according to former telecommunications undersecretary Christian Nicolai.
“There are no statistics. We’ve seen isolated cases, and we also had the [2018 cyberattack] on Banco de Chile, but it’s hard to know about Chile specifically. At a global level, [losses] are in the tens of millions of dollars on average,” Nicolai told BNamericas following a cybersecurity seminar organized by the infrastructure policy council and Indra Group.
ANCI officially began operations on January 2 under a cybersecurity bill passed in 2023, which defines critical infrastructure and services where minimum safety standards are required, including energy, health, transport, water, telecommunications, financial services and information technologies, among others.
The agency will also advise the executive branch of government on the development of cybersecurity policies and plans, and will be responsible for inspecting, regulating and sanctioning service providers on cybersecurity matters.
“The agency needs more resources. If you look at the budget, it’s only US$4.2mn per year. On average, the economic impact of cyberattacks is a lot higher,” Nicolai said during the event.
The former official, however, praised the cybersecurity law for allowing the inclusion of additional sectors in the future.
“All sectors are vulnerable nowadays, because all sectors work on an information database in some capacity. That base of information is what is being attacked, whether that’s to steal it for blackmail purposes or to corrupt it so that it stops working,” he told BNamericas.
Regarding missing elements, he noted during the seminar that the law does not mention artificial intelligence, which has already generated concern over data protection and has been used in cyberattacks.
Incidents such as the April 28 blackout that affected Spain and Portugal, initially suspected to be the result of a cyberattack, and the disruption of Ukraine’s rail services on March 24, blamed on Russian hackers, have intensified the scrutiny of cybersecurity frameworks for critical services.
[ad_2]
