Mr. Raúl Rivera Méndez, the Industrial Cibersecurity Center Coordinator in Costa Rica (CCI Coordinators Team), helps us to get in context of the state of the industrial cybersecurity in his country, and to do so, he shares with us his impressions.

He describes the level of sensitivity of industrial organizations in his country according to the following percentages:

He also affirms that the trend of recent years has been a slight increase.

Costa Rica counts with local and national public bodies promoting an adequate legal framework, in order to ensure the progressive incorporation of industrial cybersecurity measures in national presence companies (mainly critical infrastructure). The main organizations are:

• MICITT ICE (Energy - Comunications)
• RECOPE ACUADUCTOS Y ALCANTARILLADOS
• CAJA COSTARRICENSE DE SEGURO SOCIAL

Among the main national laws and regulations affecting in this context in Costa Rica, Raul mentions:

• Law 9048 Section VIII, Computer and Related Offenses, Title VII of the Criminal Code

Analysing the most widely adopted industrial cybersecurity measures by Costa Rica's organizations to protect industrial automation systems, Raúl highlights the application of:

• Internal security audits
• External security audits
• Network design and architectures
• Development of continuity and / or contingency plans
• Conventional firewalls
• Backups
• Industrial applications control
• Antivirus

The CCI Coordinator in Costa Rica characterizes the industrial cybersecurity situation in his country with the following SWOT analysis: