Chile’s national cybersecurity policy 2023–2028
December 2023
Strategies and Action Plans
Chile’s National Cybersecurity Policy 2023–2028 is the official framework for strengthening its national capacity to prevent, respond to, and manage cyber risks over a five-year period. It updates the country’s earlier cybersecurity policy of 2017 and reflects both the regional increase in digitalisation and the growing risks from cybercrime, critical infrastructure vulnerabilities, and geopolitical challenges in cyberspace. The strategy was developed under the coordination of the Ministry of the Interior and Public Security, in line with the institutional framework established by Law No. 21.459 on computer crimes and related regulations.
Objectives and guiding principles
The strategy sets out a clear vision: to make Chile a resilient and trusted digital society where citizens, businesses, and institutions can operate securely. Its guiding principles include respect for fundamental rights, a multistakeholder approach, technological neutrality, international cooperation, and continuous improvement. The document recognises cybersecurity as not only a technical issue but also a matter of public policy, human rights, and national security.
Strategic goals
The policy identifies several strategic goals for the 2023–2028 period. These include:
- protecting critical information infrastructure and essential services, especially in energy, transport, health, and finance;
- developing national cyber incident response capacity through strengthening the CSIRT (Computer Security Incident Response Team) and establishing sectoral CERTs;
- building a culture of cybersecurity among citizens, schools, and businesses through education and awareness programmes;
- fostering cybersecurity research, innovation, and capacity-building to create a specialised workforce;
- aligning national legislation and regulation with international standards and commitments; and
- enhancing international cooperation with partners and organisations on cybercrime, cyber defence, and standards development.
Institutional framework
The document assigns responsibilities across different institutions. The Ministry of the Interior coordinates the overall policy. The CSIRT of Government plays a central role in incident detection and response, while sectoral regulators are tasked with implementing security requirements in their respective domains. The strategy also foresees stronger public-private cooperation, recognising that much of Chile’s critical infrastructure is privately owned and operated.
Implementation and monitoring
The strategy includes an implementation plan with milestones for each year up to 2028. It stresses the need for measurable indicators to track progress and sets up a governance mechanism for follow-up. This includes regular reviews and updates, ensuring flexibility to adapt to emerging technologies such as artificial intelligence, 5G, and quantum computing, which may create new risks and require policy adjustments.