Financial Crime World

Brazil’s Cybersecurity Strategy: Key Points

The Brazilian government has published a normative instruction (IN-4 GSI) outlining minimum requirements for cybersecurity in the establishment of 5G networks. This does not explicitly prevent Huawei from accessing the Brazilian market but leaves room for future restrictions based on vulnerabilities and backdoors.

  • Key takeaways:
    • IN-4 GSI sets minimum cybersecurity requirements for 5G network establishments
    • Room for future restrictions on companies like Huawei based on vulnerabilities and backdoors

Cybersecurity Bill

The E-Ciber aims to provide specific guidelines for strategic alignment on cybersecurity. It will serve as a binding element that the strategy lacks.

  • Key points:
    • E-Ciber provides guidelines for strategic alignment on cybersecurity
    • The law serves as a binding element for the strategy
    • Caution is needed to ensure rights and security walk side by side, especially in times of crisis

International Cooperation

Brazil has been referred to as a swing state pursuing a purposefully ambiguous cyber diplomacy. It has managed to play an increasingly important role internationally, leading global efforts in data protection and internet governance.

  • Key takeaways:
    • Brazil is a swing state with ambiguous cyber diplomacy
    • The country plays an increasingly important role internationally in data protection and internet governance
    • New avenues for cooperation have been established despite internal coordination challenges

E-Ciber’s Recommendations

The E-Ciber explicitly mentions the need to enhance Brazil’s role in international cooperation. It suggests that recent developments point towards a slightly more comprehensive approach to cybersecurity.

  • Key points:
    • E-Ciber emphasizes the importance of enhancing Brazil’s role in international cooperation
    • The country should adopt a more comprehensive approach to cybersecurity
    • This includes operational coordination, international engagement, and capacity building efforts

COVID-19 Pandemic

The COVID-19 outbreak has highlighted ideological cleavages in Brazil. Emerging digital challenges require doubled attention, especially when it comes to cybersecurity and privacy.

  • Key takeaways:
    • The pandemic has exposed ideological cleavages in Brazil
    • Digital challenges, particularly cybersecurity and privacy concerns, demand increased attention

Data Protection Law

A recent bill passed in the Senate postpones the deadline for compliance with the Brazilian Data Protection Law from August 2020 to January 2021.

  • Key points:
    • The bill delays the implementation of the Data Protection Law until January 2021
    • This could lead to weaker privacy and data protections, especially in times of crisis

Cybersecurity Bill Development

Much caution is required not to conflate cybersecurity with content-related issues such as disinformation or fake news. Conflating these could result in further challenges to ensuring that constitutional rights to freedom of speech walk hand in hand with building cyber resilience.

  • Key points:
    • Caution is needed when developing cybersecurity bills
    • Cybersecurity should not be conflated with content-related issues like disinformation or fake news

Communication and Trust Building

Communicating effectively with the population and interacting with civil society organizations and academia is more pressing than ever. The consolidation of the strategic vision of the E-Ciber depends on building trust with different sectors, especially civil society and academia.

  • Key takeaways:
    • Effective communication with the population and other stakeholders is crucial
    • Building trust with civil society and academia will help consolidate the E-Ciber’s strategic vision