What will happen to the Cybersecurity Law in the new administration?

The most recent proposal was presented by Senator Alejandra Lagunes. This is a federal initiative and is in the process of being reviewed by the House; However, it is still uncertain what will happen with this bill.

According to Ivonne Múñoz, a lawyer specialized in IT and cybersecurity expert, this proposal could be left in the pipeline because it is a proposal foreign to Morena, but during this administration it will be possible to see more emphasis on cybersecurity.

In the last 10 years, in Mexico there have been several law proposals related to cybersecurity, but none have managed to make it out of the pipeline. One of the most relevant was that of 2020, which sought to establish a regulatory framework to prevent and punish cybercrimes.

Between 2020 and 2024 there have been at least five significant initiatives or reforms related to cybersecurity, although the country is still in the process of consolidating robust and coherent legislation in this field, according to Múñoz.

“There is no approved legal norm, even though it was a commitment from the last six-year term, in addition, the most current one that is under review still requires a review, especially in the technical part,” the specialist noted.

Among the main concerns that other experts have is the uncertainty on the issue of autonomous organizations, since in the absence of entities such as the National Institute of Transparency and Access to Information or the Federal Institute of Telecommunications, many of the technical tasks that carried out until now, they would not have a clear person responsible.

“We could bet that the Ministry of Economy is the one that evaluates some aspects of cybersecurity, but a review of the current proposal is required, which could also be modified and have more opportunity if it is developed by the Morena bench,” he stated. Muñoz.

Jorge Osorio, director of CSI Consulting Services and representative of Infosecurity, pointed out that a very relevant issue, both for the application of a law and for the development of a Center specialized in AI and Cybersecurity, is human talent, which is scarce in Mexico and the world.

Múñoz adds that in addition to human capital, economic capital is another important gap for the development of this type of figure. In fact, less than half of Mexican companies view cybersecurity as a strategic element and Mexico currently ranks 20th globally in investment in Information and Communication Technologies (ICT), with 0.8%, according to data from IDC.