Cybersecurity in Brazil finally received a regulatory milestone with the creation of the National Cybersecurity Policy (hereafter referred to as “PNCiber”) at the end of 2023. The initiative, proposed by the Office of Institutional Security of the Presidency of the Republic (GSI/PR), came at an important time, as the country stands out as a frequent target of cyberattacks.
PNCiber aims to improve national cybersecurity in line with international best practices. The creation of the National Cybersecurity Committee (hereafter referred to as “CNCiber”) is an important step to monitor the implementation and evolution of the policy, in addition to evaluating and proposing updates.
Benefits PNCiber brings Brazil
The unification of security regulation under the federal structure is one of the strengths of PNCiber. The aim is to reduce the fragmentation of standards and make it easier for law enforcement to combat the growing wave of security incidents.
Another positive point is the initiative to actively involve Brazil in global debates on cybersecurity. Participation in international forums such as the World Economic Forum will allow the country to share its experiences and learn from international best practices.
However, PNCiber also presents some challenges. The absence of the National Data Protection Authority (hereafter referred to as “ANPD”) in the composition of CNCiber is a significant omission, especially given the importance of personal data protection in the context of cybersecurity. It is essential that PNCiber is composed of technical experts with experience in cybersecurity to ensure the effectiveness of the policy.
On the path to an effective national security
The creation of PNCiber is a positive step for Brazil. The initiative demonstrates the government’s growing attention to cybersecurity and paves the way for the development of a digital security culture in the country.
On the other hand, the creation of PNCiber is a significant step that demonstrates the recognition of the risks that digital crime poses to the integrity of organizations and the safety of the population. It is expected that the policy will stimulate a debate on the importance of investing in cybersecurity and strengthen the digital security culture in the country.
The unification of cybersecurity policies is expected to improve the governance of public and private institutions, leading to increased investment in the sector and a reduction in cybersecurity incidents. This will not only mean more effective protection against threats, but will also be a step in the right direction for building a safer digital society.
The National Cybersecurity Policy is an important milestone in the protection of Brazil’s digital infrastructure, and will require continuous collaboration and adaptation to changes in the cyber threat landscape to achieve its full security and data privacy potential.
The growing threat of data breaches and cyber-attacks requires a proactive and comprehensive approach to digital security. The solutions offered by tuvis are characterized by their ability to proactively identify risks and their ability to ensure compliance with regulations such as the General Data Protection Law (LGPD). It is important to highlight that tuvis closely follows the National Cybersecurity Policy and adapts to the challenges of this constant evolution.