The Maturity of the Legal and Regulatory Framework in the Field of Cybersecurity in Latin America according to the Capability Maturity Model
( Pp. 20-29)
More about authors
Yakovleva Anna V.
Dr. Sci. (Econ.), Professor; associate professor
Herzen State Pedagogical University of Russia
St. Petersburg, Russian Federation
Herzen State Pedagogical University of Russia
St. Petersburg, Russian Federation
Abstract:
In 2016, Mexico, Argentina and Chile joined the Cancun Declaration «Ministerial Declaration on the Digital Economy: Innovation, Growth and Social Prosperity», in which ministers and representatives from 41 countries and the European Union committed to work together to reinforce the Internet’s openness, bridge digital divide, develop digital skills and strengthen the potential of the digital economy. However, with the exponential increase in the amount of digital data in cyber environments, security measures are becoming increasingly important. National and international entities are identifying cybersecurity threats, and the number of these threats is increasing daily. Addressing cybersecurity risks is possible if a productive and enforceable legal policy in the field of cybersecurity is in place. Therefore, in order to analyze the effectiveness of the regulatory framework, we use one aspect of the CMM model “Cybersecurity Capability Maturity Model for States”. Admittedly, for a number of countries, the development of the digital economy has become an impetus for the development of new legal mechanisms and practices to protect the rights of individuals, companies, institutions; rights and sovereignty of states from cyber threats and cyber terrorism.
How to Cite:
Yakovleva A.V., (2022), THE MATURITY OF THE LEGAL AND REGULATORY FRAMEWORK IN THE FIELD OF CYBERSECURITY IN LATIN AMERICA ACCORDING TO THE CAPABILITY MATURITY MODEL. Economic Problems and Legal Practice, 4 => 20-29.
Reference list:
How we got from VUCA world to BANI world and what we should do there. [Electronic resource]. -Available at: URL: https://netology.ru/blog/04-2022-bani-world (accessed on: 18.04.2022).
Minbaleev A.V. Doctrine of information security of the Russian Federation: current state and development potential / A.V. Minbaleev // Bulletin of the Ural Federal District. Information security. -2016. -№ 3(21). -pp. 62-66.
Minbaleev A.V. Fundamentals of legal regulation of the Internet / A.V. Minbaleev // Law and cybersecurity. -2014. -№ 1. -pp. 20-26.
Rassolov I. Legal issues of combating cybercrime. Issues of international jurisdiction / I. Rassolov // Law and legislation. -2007. -№ 10. -pp. 64-66.
The state of the art in cybersecurity. -United Nations Office on Drugs and Crime. -[Electronic resource] -Available at: URL: https://www.unodc.org/e4j/ru/cybercrime/module-8/key-issues/cybersecurity-posture.html (accessed on: 10.06.2022).
What is the VUCA world and how to live there? -[Electronic resource] -Available at: URL: https://monocler.ru/chto-takoe-vuca-mir-i-kak-v-nem-zhit/ (accessed on: 21.03.2022).
Yakovleva A.V. About cooperation in the field of information security, cybersecurity (legal aspect) / A.V. Yakovleva // Problems of economics and legal practice. -2020. -Volume 16, № 6. -pp. 139-147.
Yakovleva A.V. Cybersecurity and its legal regulation (foreign and Russian experience) / A.V. Yakovleva // Socio-political sciences. -2021. -Volume 11, № 4. -pp. 70-81. -DOI: 10.33693/2223-0092-2021-11-4-70-81.
Yakovleva A.V. Legal enforcement of cybersecurity in China / A.V. Yakovleva // Information law. -2021. -№ 2. -pp. 37-40. -DOI: 10.18572/1999-480X-2021-2-37-40.
Yakovleva A.V. Problems of legal regulation of information security in the context of the development of the digital economy / A.V. Yakovleva. -Saratov: Amiirit, 2021. -272 p.
Yakovleva A.V., Gorshkova S.B., Vakulenko P.S., Stepanova T.V. Digital economy and formation of the national information security system in Russia / A.V. Yakovleva, S.B. Gorshkova, P.S. Vakulenko, T.V. Stepanova // Financial Economics. -2019. -№ 3. -pp. 551-560.
Agenda digital Argentina. Decreto 996/2018. DECTO-2018-996-APN-PTE-Apruébanse bases. Ciudad de Buenos Aires, 02/11/2018. -[Electronic resource]-Available at: URL: https://www.boletinoficial.gob.ar/#!DetalleNorma/195154/20181105 (accessed on: 10.06.2021).
Ciberataques. Guía para la gestión y notificacion de ataques informáticos. -[Electronic resource] -Available at: URL: https://ciberseguridad.com/ciberataques/#Latinoamerica (accessed on: 10.06.2021).
Cibersegurança riscos, avanços e o caminho a seguir na América Latina e Caribe. Relatório de Cibersegurança 2020. -[Electronic resource] -Available at: URL:https://publications.iadb.org/publications/portuguese/document/Relatorio-de-Ciberseguranca-2020-riscos-avancos-e-o-caminho-a-seguir-na-America-Latina-e-Caribe.pdf (accessed on: 10.09.2021).
Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data (ETS № 108). -Strasbourg 28/01/1981. -01/10/1985 (5 Ratifications). -[Electronic resource] -Available at: URL: https://www.coe.int/en/web/conventions/full-list?module=treaty-detail&treatynum=108 (accessed on: 10.06.2022).
Coos A. Data Protection Regulations in Latin America / A. Coos. -2019. -March, 28. -[Electronic resource] -Available at: URL: https://www.endpointprotector.com/blog/data-protection-regulations-in-latin-america/ (accessed on: 10.06.2022).
Cybersecurity Capacity Maturity Model for Nations (CMM). -2021 Edition. -[Electronic resource] -Available at: URL: https://cybilportal.org/wp-content/uploads/2021/03/CMM2021-Edition-March-2021.pdf (accessed on: 10.06.2022).
Decreto 378/2005. Poder ejecutivo nacional (P.E.N.). Plan nacional gobierno electronico y planes sectoriales. Ciudad de Buenos Aires, 27/04/2005. -[Electronic resource] -Available at: URL: https://www.argentina.gob.ar/normativa/nacional/decreto-378-2005-105829/texto (accessed on: 10.06.2022).
Decreto 577/2017. Comité de ciberseguridad. Ciudad de Buenos Aires, 28/07/2017. -[Electronic resource] -Available at: URL: https://www.argentina.gob.ar/normativa/nacional/decreto-577-2017-277518/texto (accessed on: 10.06.2022).
Decreto 87/2017. Poder ejecutivo nacional (P.E.N.). Plataforma digital del sector público nacional. Ciudad de Buenos Aires, 02/02/2017. -[Electronic resource] -Available at: URL: https://www.argentina.gob.ar/normativa/nacional/decreto-87-2017-271486/texto (accessed on: 10.06.2022).
Decreto 996/2018. Poder ejecutivo nacional (P.E.N.). Agenda digital Argentina. Ciudad de Buenos Aires, 02/11/2018. -[Electronic resource] -Available at: URL: https://www.argentina.gob.ar/normativa/nacional/decreto-996-2018-316036/texto (accessed on: 10.06.2022).
En América Latina las empresas son víctimas de ciberataques 1.586 veces por semana. -27 de Mayo de 2022. -[Electronic resource] -Available at: URL: https://www.infobae.com/america/tecno/2022/05/27/en-america-latina-las-empresas-son-victimas-de-ciberataques-1586-veces-por-semana/ (accessed on: 10.06.2022).
Estrategia Nacional de Ciberseguridad de la República Argentina. -[Electronic resource] -Available at: URL: https://www.actualidadenseguridad.com/normativacomentada/estrategia-nacional-de-ciberseguridad-de-la-republica-argentina/ (accessed on: 10.09.2021).
Gläser W. Where does the term «VUCA» come from? / W. Gläser. -New, VUCA Blog. -2021. -November, 9. -[Electronic resource] -Available at: URL: https://www.vuca-world.org/where-does-the-term-vuca-come-from/ (accessed on: 21.03.2022).
Ley 25.326. Proteccion de los datos personales. Honorable Congreso de la Nacion Argentina. 2000-11-02. -[Electronic resource] -Available at: URL: https://www-argentina-gob-ar.translate.goog/normativa/nacional/ley-25326-64790/texto?_x_tr_sl=es&_x_tr_tl=ru&_x_tr_hl=ru&_x_tr_pto=op,sc (accessed on: 10.06.2022).
Nueva Estrategia Nacional de Ciberseguridad en Argentina. 11 junio, 2019. -[Electronic resource] -Available at: URL: https://u-gob.com/nueva-estrategia-nacional-de-ciberseguridad-en-argentina/ (accessed on: 10.09.2021).
Resolución 580/2011. Jefatura de Gabinete de Ministros. Créase el Programa Nacional de Infraestructuras Críticas de Información y Ciberseguridad. Objetivos. Ciudad de Buenos Aires, 28/7/2011. -[Electronic resource] -Available at: URL: https://www.argentina.gob.ar/normativa/nacional/resoluci%C3%B3n-580-2011-185055/texto (accessed on: 10.06.2022).
Resolución 829/2019. Jefatura de Gabinete de Ministros. Secretaría de Gobierno de modernización. Ciudad de Buenos Aires, 24/05/2019. -[Electronic resource] -Available at: URL: https://www.argentina.gob.ar/normativa/nacional/resoluci%C3%B3n-829-2019-323594/texto (accessed on: 10.06.2022).
¿Qué es un ataque ransomware de triple extorsión? -[Electronic resource] -Available at: URL: https://escuda.eu/que-es-un-ataque-ransomware-de-triple-extorsion/#:~:text=Pero%20para%20definir%20claramente% 20en,amenaza%20de%20publicar%20sus%20datos (accessed on: 10.06.2022).
Minbaleev A.V. Doctrine of information security of the Russian Federation: current state and development potential / A.V. Minbaleev // Bulletin of the Ural Federal District. Information security. -2016. -№ 3(21). -pp. 62-66.
Minbaleev A.V. Fundamentals of legal regulation of the Internet / A.V. Minbaleev // Law and cybersecurity. -2014. -№ 1. -pp. 20-26.
Rassolov I. Legal issues of combating cybercrime. Issues of international jurisdiction / I. Rassolov // Law and legislation. -2007. -№ 10. -pp. 64-66.
The state of the art in cybersecurity. -United Nations Office on Drugs and Crime. -[Electronic resource] -Available at: URL: https://www.unodc.org/e4j/ru/cybercrime/module-8/key-issues/cybersecurity-posture.html (accessed on: 10.06.2022).
What is the VUCA world and how to live there? -[Electronic resource] -Available at: URL: https://monocler.ru/chto-takoe-vuca-mir-i-kak-v-nem-zhit/ (accessed on: 21.03.2022).
Yakovleva A.V. About cooperation in the field of information security, cybersecurity (legal aspect) / A.V. Yakovleva // Problems of economics and legal practice. -2020. -Volume 16, № 6. -pp. 139-147.
Yakovleva A.V. Cybersecurity and its legal regulation (foreign and Russian experience) / A.V. Yakovleva // Socio-political sciences. -2021. -Volume 11, № 4. -pp. 70-81. -DOI: 10.33693/2223-0092-2021-11-4-70-81.
Yakovleva A.V. Legal enforcement of cybersecurity in China / A.V. Yakovleva // Information law. -2021. -№ 2. -pp. 37-40. -DOI: 10.18572/1999-480X-2021-2-37-40.
Yakovleva A.V. Problems of legal regulation of information security in the context of the development of the digital economy / A.V. Yakovleva. -Saratov: Amiirit, 2021. -272 p.
Yakovleva A.V., Gorshkova S.B., Vakulenko P.S., Stepanova T.V. Digital economy and formation of the national information security system in Russia / A.V. Yakovleva, S.B. Gorshkova, P.S. Vakulenko, T.V. Stepanova // Financial Economics. -2019. -№ 3. -pp. 551-560.
Agenda digital Argentina. Decreto 996/2018. DECTO-2018-996-APN-PTE-Apruébanse bases. Ciudad de Buenos Aires, 02/11/2018. -[Electronic resource]-Available at: URL: https://www.boletinoficial.gob.ar/#!DetalleNorma/195154/20181105 (accessed on: 10.06.2021).
Ciberataques. Guía para la gestión y notificacion de ataques informáticos. -[Electronic resource] -Available at: URL: https://ciberseguridad.com/ciberataques/#Latinoamerica (accessed on: 10.06.2021).
Cibersegurança riscos, avanços e o caminho a seguir na América Latina e Caribe. Relatório de Cibersegurança 2020. -[Electronic resource] -Available at: URL:https://publications.iadb.org/publications/portuguese/document/Relatorio-de-Ciberseguranca-2020-riscos-avancos-e-o-caminho-a-seguir-na-America-Latina-e-Caribe.pdf (accessed on: 10.09.2021).
Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data (ETS № 108). -Strasbourg 28/01/1981. -01/10/1985 (5 Ratifications). -[Electronic resource] -Available at: URL: https://www.coe.int/en/web/conventions/full-list?module=treaty-detail&treatynum=108 (accessed on: 10.06.2022).
Coos A. Data Protection Regulations in Latin America / A. Coos. -2019. -March, 28. -[Electronic resource] -Available at: URL: https://www.endpointprotector.com/blog/data-protection-regulations-in-latin-america/ (accessed on: 10.06.2022).
Cybersecurity Capacity Maturity Model for Nations (CMM). -2021 Edition. -[Electronic resource] -Available at: URL: https://cybilportal.org/wp-content/uploads/2021/03/CMM2021-Edition-March-2021.pdf (accessed on: 10.06.2022).
Decreto 378/2005. Poder ejecutivo nacional (P.E.N.). Plan nacional gobierno electronico y planes sectoriales. Ciudad de Buenos Aires, 27/04/2005. -[Electronic resource] -Available at: URL: https://www.argentina.gob.ar/normativa/nacional/decreto-378-2005-105829/texto (accessed on: 10.06.2022).
Decreto 577/2017. Comité de ciberseguridad. Ciudad de Buenos Aires, 28/07/2017. -[Electronic resource] -Available at: URL: https://www.argentina.gob.ar/normativa/nacional/decreto-577-2017-277518/texto (accessed on: 10.06.2022).
Decreto 87/2017. Poder ejecutivo nacional (P.E.N.). Plataforma digital del sector público nacional. Ciudad de Buenos Aires, 02/02/2017. -[Electronic resource] -Available at: URL: https://www.argentina.gob.ar/normativa/nacional/decreto-87-2017-271486/texto (accessed on: 10.06.2022).
Decreto 996/2018. Poder ejecutivo nacional (P.E.N.). Agenda digital Argentina. Ciudad de Buenos Aires, 02/11/2018. -[Electronic resource] -Available at: URL: https://www.argentina.gob.ar/normativa/nacional/decreto-996-2018-316036/texto (accessed on: 10.06.2022).
En América Latina las empresas son víctimas de ciberataques 1.586 veces por semana. -27 de Mayo de 2022. -[Electronic resource] -Available at: URL: https://www.infobae.com/america/tecno/2022/05/27/en-america-latina-las-empresas-son-victimas-de-ciberataques-1586-veces-por-semana/ (accessed on: 10.06.2022).
Estrategia Nacional de Ciberseguridad de la República Argentina. -[Electronic resource] -Available at: URL: https://www.actualidadenseguridad.com/normativacomentada/estrategia-nacional-de-ciberseguridad-de-la-republica-argentina/ (accessed on: 10.09.2021).
Gläser W. Where does the term «VUCA» come from? / W. Gläser. -New, VUCA Blog. -2021. -November, 9. -[Electronic resource] -Available at: URL: https://www.vuca-world.org/where-does-the-term-vuca-come-from/ (accessed on: 21.03.2022).
Ley 25.326. Proteccion de los datos personales. Honorable Congreso de la Nacion Argentina. 2000-11-02. -[Electronic resource] -Available at: URL: https://www-argentina-gob-ar.translate.goog/normativa/nacional/ley-25326-64790/texto?_x_tr_sl=es&_x_tr_tl=ru&_x_tr_hl=ru&_x_tr_pto=op,sc (accessed on: 10.06.2022).
Nueva Estrategia Nacional de Ciberseguridad en Argentina. 11 junio, 2019. -[Electronic resource] -Available at: URL: https://u-gob.com/nueva-estrategia-nacional-de-ciberseguridad-en-argentina/ (accessed on: 10.09.2021).
Resolución 580/2011. Jefatura de Gabinete de Ministros. Créase el Programa Nacional de Infraestructuras Críticas de Información y Ciberseguridad. Objetivos. Ciudad de Buenos Aires, 28/7/2011. -[Electronic resource] -Available at: URL: https://www.argentina.gob.ar/normativa/nacional/resoluci%C3%B3n-580-2011-185055/texto (accessed on: 10.06.2022).
Resolución 829/2019. Jefatura de Gabinete de Ministros. Secretaría de Gobierno de modernización. Ciudad de Buenos Aires, 24/05/2019. -[Electronic resource] -Available at: URL: https://www.argentina.gob.ar/normativa/nacional/resoluci%C3%B3n-829-2019-323594/texto (accessed on: 10.06.2022).
¿Qué es un ataque ransomware de triple extorsión? -[Electronic resource] -Available at: URL: https://escuda.eu/que-es-un-ataque-ransomware-de-triple-extorsion/#:~:text=Pero%20para%20definir%20claramente% 20en,amenaza%20de%20publicar%20sus%20datos (accessed on: 10.06.2022).
Keywords:
legal maturity, cybersecurity capability maturity model for states, CMM model, cybersecurity, cyber attacks, triple extortion, Latin America.
Related Articles
Public Law Pages: 16-20 DOI: 10.33693/2782-7372-2023-2-2-16-20 Issue №23134
Integrated Approach of Personnel Training for Cybersecurity: Challenges and Problems
digital economy
information law
intellectual property
information security
information warfare
Show more
CRIMINAL - LEGAL, CRIMINOLOGICAL, ADMINISTRATIVE AND OTHER MEASURES FOR COUNTERING CRIME IN CONTEMPORARY CONDITIONS Pages: 232-236 Issue №23752
Cybersecurity Issues In Modern Digital Systems
cybercrime
cybersecurity
cyber threat
information and communication technologies
digitalization
Show more
14. INFORMATION LAW 12.00.13 Pages: 310-313 Issue №17214
Actual issues of ensuring cybersecurity in the context of the digitalization of the economy of the Russian Federation
cybersecurity
digital economy
information space
cybercrime
banking sector
Show more
9. CRIMINAL LAW DISCIPLINES @@CRIMINAL LAW, PENAL LAW, CRIMINOLOGY (12.00.08) Pages: 276-279 Issue №19269
Cybersecurity and Computer Literacy in Law Enforcement Bodies
cybercrime
cybersecurity
information security
law enforcement bodies
prevention
Show more
CRIMINAL LAW (5.1.4.) Pages: 273-277 Issue №24238
Status and Trends in the Development of Cybercrime in the Russian Federation
cybercrime
cybersecurity
computer information
counteraction
information technologies.
Show more
9. Judicial, prosecutorial, human rights and law enforcement activities Pages: 186-188 Issue №11481
Cyber-attacks as a threat to information security
cyber attacks
information security
cyber threats
viruses
Show more
9. CRIMINAL LAW DISCIPLINES @@CRIMINAL LAW, PENAL LAW, CRIMINOLOGY (12.00.08) Pages: 260-265 DOI: 10.33693/2072-3164-2021-14-4-260-265 Issue №19269
The Legal Framework for Cybersecurity in the Russian Federation
cybersecurity
cybercrime
Information Security
cyber threats
legal framework
Show more
10. FORENSICS; FORENSIC EXPERTISE; OPERATIONAL AND SEARCH ACTIVITIES (12.00.12) Pages: 265-278 Issue №17401
Criminalistic prediction and criminalistic prevention of cyber crimes in the field of healthcare
COVID-19
cybersecurity
cyberthreat
cyberattack
COVID-19
Show more
CRIMINAL - LEGAL, CRIMINOLOGICAL, ADMINISTRATIVE AND OTHER MEASURES FOR COUNTERING CRIME IN CONTEMPORARY CONDITIONS Pages: 237-241 Issue №23752
Modern Realities of Cybercrime in the Russian Federation
cybercrime
cybersecurity
cyberspace
cyber technologies
digital systems
Show more
4. CRIMINAL LAW (5.1.4.) Pages: 183-189 Issue №22457
State and Trends of Cybercrime in Russia and Foreign Countries
cybercrime
counteraction
cyber threat
public-private partnership
cybersecurity
Show more
