Cybersecurity Policy Exercise in Mexico

On April 21, 2022, the Stiftung Neue Verantwortung’s “International Cybersecurity Policy” team facilitated an in-person cybersecurity policy exercise in Mexico City. Previously, the cybersecurity policy exercise was designed and adapted to the country based on a validation workshop and open-source research focusing on Mexico’s cybersecurity policy.

The interactive and discussion-based tabletop exercise revolved around a hypothetical ransomware incident affecting international companies and small and medium-sized enterprises in Mexico. Participants from the government, private sector, civil society organizations, and academic institutions practiced analytical and strategic assessment of the incident, identified coordination and cooperation measures for responding to a cyber incident testing the operationalization of the newly proposed Homologated National Protocol for the Management of Cyber Incidents. The protocol serves as a framework for incident response in the country. The exercise was preceded by an input on the protocol by The Secretariat of Security and Civilian Protection (Spanish: Secretaría de Seguridad y Protección Ciudadana or SSPC).

The exercise was commissioned by the Deutsche Gesellschaft für Internationale Zusammenarbeit (GIZ) as part of the Trust4Cyber initiative and funded by the German Federal Ministry for Economic Cooperation and Development (BMZ). The GIZ México and GIZ HQ supported the organization of the exercise.