Overview of cyber security in Panama

The cybersecurity issues have gained renewed importance since the pandemic of the new SARS-CoV-2 virus causing COVID-19 disease has caused significant numbers of people to be working remotely through so-called “teleworking”. This situation has brought new threats to the work environment that threaten the security of information and internal processes of companies and organizations.

In the wake of the pandemic, cyber-attacks such as phishing, identity theft, social engineering, e-mail spoofing and the common and well-known ransomware, by cyber criminals have increased significantly, with a 140% increase worldwide. It is everyone’s responsibility to be alert to this reality, which can affect both companies and individuals.

Below, we will reflect on relevant aspects in Panama on this important topic. We will try to give a general overview of aspects such as legislation, strategies, among others.

Overview of Cybersecurity in Panama

The first important step that Panama took as a country was the creation in 2011, through Executive Decree No. 709, of the “CSIRT PANAMA” (Computer Security Incident Response Team), National Response Team to Information Security Incidents of the Panamanian State, which is responsible for investigations related to incidents affecting the security of computer and communication systems of State entities.

The National Strategy for Cybernetic Security and Critical Infrastructure Protection was later approved by Resolution No. 21 of 2013 of the National Council for Government Innovation.  This document, issued by the National Authority for Government Innovation, describes the different risks faced by Panama in the use of Information and Communication Technologies (ICT).

The pillars of the strategy are:

  •  Prevent and stop criminal behavior in cyberspace or the use of it for any kind of crime or illegal acts.
  • Strengthen the cyber security of critical national infrastructures.
  • To promote the development of a strong national business network in cyber security, as a reference for the region.
  • Develop a culture of cyber security through training, innovation and adoption of standards.
  • Improve cyber security and incident response capability of public…