Colombia’s President Petro to Create Digital Security Agency to Guard Against Hackers

The country’s information, technology and communications ministry (MinTIC) tells Bloomberg Línea that work has begun on creating the normative framework for the agency, in which the ministry’s role will be purely technical

By

Bogotá — With cyberattacks increasingly recurrent, the victims of which range from public officials to large business conglomerates, and which not only consist of violations of their social media profiles but can also extend to dangerous strategies that seek to block and seize Internet portals and virtual offices that are essential for users.

Amid this scenario and according to what was stated in the Colombian government’s 2022-2026 National Development Plan (PND), the government of President Gustavo Petro is preparing the creation of a national digital security agency charged with preventing hacking.

“With the aim of promoting a secure digital ecosystem and protecting society, the creation of a digital security agency will be promoted to ensure the protection of the state in general, the country’s critical infrastructure and government entities from cyberattacks. Additionally, strategies must be implemented to develop the culture and appropriation of habits of safe use of digital technologies from early education,” the document states.

The plan will be complemented with the definition of legislation that adopts national legislative measures and seeks international cooperation that addresses the Budapest Convention.

“As part of the digital open-government policies, the concept of digital security will be adopted by default to ensure the continuous and normal provision of services offered by public entities,” the plan states.

When asked about the new agency by Bloomberg Línea, the Information, Technology and Communications Ministry (MinTIC) said “we are working on the regulatory phase of the project, and it is directly the Presidency of the Republic that is in charge of this proposal. Our role is that of technical support to define what this agency will be, since the Ministry is part of Colombia’s Cyber Emergency Response Group (ColCERT)”.

“It is important because, nowadays, state institutions require another type of legislation that can mobilize the scope of a cyberattack, so it is necessary to cement the cybersecurity regulations in Colombia,” according to Santiago Roldán, a consultant in digital transformation.

He said that, given the technological functions performed by the state, such as the operations of the country’s statistics agency DIAN or the processes for issuing digital passports, “it is essential that the government begins to shield itself and that it has a strategy that allows it to monitor all the problems of fraud and cybersecurity for all its institutions”.

For his part, Andrés Felipe Ángel, director of SL Legal + Technology, said it will be necessary to see how this agency will operate, what strategies it will develop which entity it will depend on and report to. But he said it is positive that, since the creation of the agency, the concept of digital security is being discussed, because it implies that, from the beginning of the process, the need for cyber protection is being considered, and which should not be seen as something as additional or to be taken into account further down the road.

Expansion of connectivity

The proposal made in the PND is one of the items of the chapter entitled ‘democratization of ICTs to develop a society of knowledge and technology, connected to knowledge and global circuits’, which also proposes an expansion of digital connectivity.

This plan aims, among other things, to meet four objectives. First, to bring digital connectivity to areas still without such a service or where there is insufficient quality; second, to promote co-investment mechanisms between the state and providers of telecommunications networks and services for the deployment of neutral telecommunications networks.

And third, the connectivity plan aims to promote technical, normative and regulatory mechanisms that allow the effective elimination of barriers by territorial entities for the deployment of telecommunications networks; and fourth, to promote the availability of telecommunications spectrum, especially for 5G services, through sharing and/or commercialization schemes of this resource and the regulation of the 6 GigaHertz (GHz) band.