Mr. Santiago Vazquez, the Industrial Cibersecurity Center Coordinator in Paraguay (CCI Coordinators Team), helps us to get in context of the state of the industrial cybersecurity in his country, and to do so, he shares with us his impressions.
He describes the level of sensitivity of industrial organizations in his country according to the following percentages:
He also affirms that the trend of recent years has exponentially grown.
Paraguay counts with local and national public bodies promoting an adequate legal framework, in order to ensure the progressive incorporation of industrial cybersecurity measures in national presence companies (mainly critical infrastructure). The main organizations are:
- Ministry of National Defense
- Nacional Police
- Ministerry of Public
- Ministry of Interior
Among the main national laws and regulations affecting in this context in Paraguay, Santiago Vazquez cites the Law 4439/11: Computer Crime, however clarifies that it is more a general Cybersecurity law than an specific Industrial Cybersecurity Law.
Analysing the most widely adopted industrial cybersecurity measures by Paraguayan organizations to protect industrial automation systems, Santiago Vazquez highlights the application of:
- External security audits
- Network design and architectures
- Development of continuity and / or contingency plans
- Conventional firewalls
The CCI Coordinator in Paraguay characterizes the industrial cybersecurity situation in his country with the following SWOT analysis:
- Lack of operational technologies certifications, processes and professionals
- Lack of specific industry cybersecurity legislation
- Lack of events and forums on industrial cybersecurity
- Lack of a solutions and services catalogue of industrial cybersecurity
- Lack of specific CERTs
- Santiago Vazquez notes that there is little work done regarding Industrial Cibersecurity, therefore no remarkable strengths are appreciated
- Application of IT security measures without discretion
- Shortage of local industrial cybersecurity professionals working for manufacturers
- Shortage of specific industrial cybersecurity risk management tools
- Increased of cibersecurity demand for Industry 4.0 and the Internet of things.
- Strategic position in the industrial cyber security sector