EXECUTIVE SUMMARY
In recent years, private organizations, the public sector, and civil society have rapidly adopted digital transformation thanks to the availability of technology and information, especially since 2019 in the wake of the COVID-19 healthcare crisis.
In this context, and in response to the need for economic recovery and within the framework of the Plan Transforma Chile announced by Microsoft Chile in December 2020, Microsoft Chile and Centro de Innovación UC Anacleto Angelini collaborated to create a Digital Transformation Roadmap for Economic Reactivation in 2021. This working group suggested that the technological adoption associated with the digital transformation of the country’s productive chain, required security measures to avoid vulnerability and significant exposure to cyberattacks. Consequently, this transformation was only possible with a cybersecurity strategy that could protect businesses, critical infrastructure and the personal data of users and consumers. As a result, we developed the Cybersecurity Roadmap for Chile.
One thing that was certain was that the new scenario would increase the risk of exposure for individuals and organizations, which provides an important digital opening for security breaches. Digital threats and criminal cyber activity are growing. For instance, currently 43 trillion potentially hazardous signals are analyzed daily at a global level (Microsoft, 2022), whereas that number reached 29 trillion in 2021.
This phenomenon was experienced rather intensively in Chile in recent years, with cyberattacks that have become public knowledge. These actions show that the value of building the Cybersecurity Roadmap lies in its process, as it allows unifying common problems around an intersectoral dialogue, leading to the development of work proposals that can be implemented at the country level by 2025.
2
The creation of this Roadmap took eight months and consisted of two stages. Around 100 national leaders in their fields participated in:
The Advisory Board, made up of directors and managers of large businesses in the country, as well as representatives of the public sector and academia. Its goal was to lay the groundwork for a preliminary vision of the issue. They established a strategic view to develop areas and gaps pertaining to each of the Development Boards.
The Development Boards, comprised of members from various organizations with experience in private, public and academic initiatives related to the identified areas. A Board was formed for each prioritized area (Culture, Talent and Technology) with the aim of establishing a tactical and operational approach by proposing projects to be implemented.
Initially, the Roadmap executive team worked with the Advisory Board in the diagnosis on the state of cybersecurity in Chile, which resulted in the definition of twelve areas. The team gathered visions of the different Advisory Board members through a review of the state of the art. Also, due to their technical knowledge of the area, more than 20 Board members and other relevant professionals were interviewed.
From a strategic standpoint, the Advisory Board prioritized three of the twelve intervention areas, which resulted in three Development Boards (Talent and skills development in cybersecurity; Culture in cybersecurity; and Technology, ecosystem, protocols and standards).
These boards brought together more ecosystem actors to maintain the project’s collaborative spirit and country perspective. Following the Development Boards’ working sessions, the Advisory Board evaluated and ranked the proposed projects. The methodological process is explained graphically in the following diagram.
PUBLIC-PRIVATE
COMMUNICATION
3
12 12
WORK PACKAGES PRIORITIZED BY THE ADVISORY BOARD 3 DEVELOPMENT BOARDS PRIORITIZED AREAS
AREAS IDENTIFIED IN THE INITIAL DIAGNOSIS
PROJECT PORTFOLIOS
STRATEGIC
CONTINUING EDUCATION PROGRAMS FOR TRAINING IN CYBERSECURITY
TALENT AND SKILLS DEVELOPMENT IN CYBERSECURITY
PARTNERSHIP FOR THE GENERATION OF PROGRAMS TO DEVELOP TALENT CULTURE IN CYBERSECURITY
CAMPAIGN TO RAISE AWARENESS OF DIGITAL RISKS AND THE IMPORTANCE OF CYBERSECURITY HABITS TECHNOLOGY, ECOSYSTEM, PROTOCOLS AND STANDARDS
3 4
STANDARDS MONITORING PLATFORM
In addition to influencing national public policy, this Roadmap seeks to define and guide a strategy and tactic in an associative and practical manner toward the development and well-being of Chile. It varies from other publications since it proposes concrete projects that can be carried out over a three-year period, rather than just remaining a theoretical exercise. In fact, at the time of submitting this document, several of the projects are already being executed.
One of these initiatives that is already underway is the first Minimum Viable Product of the security academy, promoted by the Universidad Católica and Microsoft. Students from all the university’s faculties were invited, and 450 of them are currently undergoing the certification process after completing a program of digital training and passing a test. Native professionals, in degrees as diverse as engineering, social sciences and health areas, are now trained in cybersecurity.
Another important initiative underway is organized through the Ministry of Economy, Development and Tourism. Its goal is to certify 10,000 SMEs in cybersecurity basics.
Thus, the call is to find spaces for synergy and co-construction to move forward in the level of cybersecurity maturity which is necessary for the country’s development and positioning as a regional benchmark.
