Mexico’s National Cybersecurity Strategy (ENCS)
September 2017
Strategies and Action Plans
Mexico’s National Cybersecurity Strategy (ENCS), which was established in 2017 is a comprehensive framework to address the growing risks and threats in cyberspace. The strategy positions cybersecurity as a critical factor in Mexico’s digital development and aligns with international trends on security, resilience, and collaborative governance.
General objective:
The strategy aims to strengthen cybersecurity actions across social, economic, and political spheres, ensuring the responsible use and exploitation of ICTs (Information and Communication Technologies) for Mexico’s sustainable development.
Vision:
By 2030, Mexico envisions being a resilient nation against cyberspace threats, using ICTs responsibly to foster sustainable development.
Strategic objectives: There are five key strategic objectives:
- Society and Rights: Promote safe, responsible online behavior that respects human rights, privacy, and freedom of speech.
- Economy and Innovation: Protect the economy by promoting innovation and boosting Mexico’s cybersecurity industry.
- Public Institutions: Secure public institutions’ information systems to ensure continuity in services.
- Public Security: Enhance capacities to prevent and investigate cybercrimes.
- National Security: Develop measures to protect national sovereignty from cyber threats.
Guiding principles:
- Human Rights Perspective: Cybersecurity actions should respect and promote human rights.
- Risk-Management Approach: Handle uncertainties with preventive and corrective measures.
- Multidisciplinary and Multi-Stakeholder Collaboration: Foster collaboration between different sectors for a comprehensive approach.
Cross-cutting pillars: To support the strategic objectives, eight interdependent pillars are developed:
- Cybersecurity Culture: Promote awareness, education, and responsible ICT use.
- Capacity Development: Strengthen human capital and resources for cybersecurity.
- Coordination and Collaboration: Establish collaboration mechanisms across sectors.
- ICT Research, Development, and Innovation: Foster innovation in cybersecurity technologies.
- Standards and Technical Criteria: Develop cybersecurity standards and best practices.
- Critical Infrastructure: Protect critical infrastructure from cyber threats.
- Legal Framework and Self-Regulation: Adapt laws and promote self-regulation to combat cybercrime.
- Measurement and Monitoring: Implement metrics to evaluate the effectiveness of cybersecurity efforts.
Implementation framework:
The Cybersecurity Subcommittee, formed under the Interministerial Commission for the Development of Electronic Government, is responsible for overseeing the implementation, promoting inter-institutional cooperation, and working with multiple stakeholders, including civil society, the private sector, academia, and public institutions.
This strategy positions cybersecurity as a critical factor in Mexico’s digital development and aligns with international trends on security, resilience, and collaborative governance.