Brazil advances first national cybersecurity law
The proposed framework introduces compliance rules for public contracts and shared liability for breaches.
Brazil is preparing to pass its first national cybersecurity law, aiming to centralise oversight and strengthen protection for citizens and companies. The Cybersecurity Legal Framework would establish a new National Cybersecurity Authority to coordinate defence efforts across government and industry.
The legislation comes after a series of high-profile cyberattacks disrupted hospitals and exposed millions of personal records, highlighting gaps in Brazil’s digital defences. The authority would create nationwide standards, replacing fragmented rules currently managed by individual ministries and agencies.
Under the bill, public procurement will require compliance with official security standards, and suppliers will share responsibility for incidents. Companies meeting the rules could be listed as trusted providers, potentially boosting competitiveness in both public and private sectors.
The framework also includes incentives: financing through the National Public Security Fund and priority for locally developed technologies. While the bill still awaits approval in Congress, its adoption would make Brazil one of Latin America’s first countries with a comprehensive cybersecurity law.
Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!