The subject is extremely delicate and must be treated with due caution, given the magnitude of its effects. However, the serious cybersecurity incidents that have become known in recent days and hours regarding different state and private entities constitute a reality that we will have to get used to living with and that can never again be considered as isolated incidents, as it seems to be the case in our country. Without going any further, a recent report by the cybersecurity company Check Point estimates that, globally, these have grown by 44%, only the first half of this year compared to 2021.
Unfortunately, faced with situations of this nature, in Chile it seems that we have not yet become aware of the real magnitude of the problem and that adopting preventive and educational measures for the public and private sector is becoming increasingly urgent, including not only technological improvements, but also enhancing a legal, corporate and institutional environment that is responsible for attacking it quickly and in a comprehensive manner, along with having a good Compliance Model that addresses both the risks related to the Computer Crime Law applicable to the legal entity, as well as the handling of personal data.
Thus, it is essential to have information security policies and protocols, personal data protection, an updated crime prevention model and contingency plans that provide clear guidelines on how to react to incidents of this nature.
Although we have celebrated as an advance the recent and long-awaited enactment of Law No. 21,459, on Computer Crimes (which considering the years of delay on this matter really is), the truth is that we are at a sidereal distance from other regions that have assumed cybersecurity as one of the most important challenges of the XXI century, and consider joint efforts with the private sector to address it, particularly educating small and medium enterprises on ways to prevent or mitigate attacks.
In this train of thought, it is enough to remember that Chile is still behind in implementing initial reforms in these matters, such as the approval of the Personal Data Bill, the Fintech Bill, together with the Cybersecurity Framework Bill, which would obviously contribute to generate minimum conditions in this regard.
Hence the urgency for legislative initiatives to talk to each other and maintain similar standards to help us combat this type of threat. Undoubtedly, the challenge is enormous and we do not have more time to act.
For more information on these topics, please contact our IP, Tech and Data and Compliance teams:
Gonzalo Navarro | Director az Tech | email@example.com
Francisca Franzani | Compliance Director | firstname.lastname@example.org
Antonia Nudman | Associate IP, Tech and Data | email@example.com
Natalia González | Associate IP, Tech and Data | firstname.lastname@example.org
Constanza Pasarin | Associate IP, Tech and Data | email@example.com
Florencia Fuentealba | Compliance Associate | firstname.lastname@example.org