Creating a cybersecurity strategy for an individual country is difficult. Developing a joint agreement in this area between the two countries is a huge headache. Find a compromise for 33 countries? It is almost impossible.
However, according to Canadian General Lacroix, who serves as the Director General of the Secretariat of the Inter-American Defense Council, in the future there should be some kind of unified agreement on cyber security between the countries of North and South America.
Currently, only eight of the 27 Council member countries have an official cyber strategy, and most of them have developed such a document quite recently.
To get agreement from all these countries to invest in ensuring cybersecurity, not to mention starting some kind of joint work on projects, is a serious problem.
“This is difficult,” Lacroix said. “This is not easy, and I would say that our organization essentially provides only technical advice based on requests from either the Organization of American States or the member states themselves. We do not know how to make the country interested in cybersecurity and make it a priority in domestic policy. ”
Lacroix hopes that the less developed countries of Latin America will look at what their "senior comrades" are doing and take an example from them.
“I think when they see that Brazil, Colombia and Mexico get involved and develop their own cyber security policy, they will come into play,” he said, before acknowledging that the problem of lack of resources and experience is a separate issue.
It is unlikely that a state with a small defense budget will want to make cybersecurity a matter of paramount importance, because it is unlikely to become a target. A major incident, such as breaking into the banking system or a cyber attack on military systems, is likely to force these countries to become more active, but until then they will have little incentive to take preventive measures.
Lacroix hopes that South American countries that start investing in cybersecurity will be able to encourage their neighbors to start thinking about potential risks in advance.
He points to Brazil, which is investing significant amounts in information technology. But even there, economic prospects come to the fore, as the Brazilian budget is falling due to lower oil prices. Lacroix is considering building public-private partnerships. In his opinion, it is important to tell people about why the information sphere needs financial contributions.
“We train today's and tomorrow’s leaders so that they can make the right decisions in the field of cybersecurity policies,” he said.
A potential problem of concern to the United States and Canada, whose military, of course, actively participate in such discussions, is the threat from China and, to a lesser extent, Russia.
Both countries are investing in Latin America, and Chinese firms are involved in building the information infrastructure that many countries need. The United States fears that Chinese or Russian technologies will be used in areas important to state security. Washington will not be very happy if one of its allies connects to American networks and secret databases using Chinese-made software and hardware.
Lacroix acknowledged that while there is no way to deal with it.
“I think that we can fantasize for a long time on what China and other countries are doing in the Latin American region, but, first of all, they have occupied a profitable niche and fill the void,” he said. And although he “suspects” that various defense organizations are studying this issue closely, his organization has nothing to do with it.