What are the main challenges that Brazil faces to prevent threats in the cybersecurity field, such as cyber attacks? Who are the social actors with a key role in this theme? How can they work together to mitigate existing risks? The search for answers to these questions encouraged the Igarapé Institute to systematize, analyze and gather the existing knowledge on Brazil’s cybersecurity governance landscape.

 

The Brazilian Cybersecurity Portal gathers analyses, research, norms and other documents on national cybersecurity. It is intended to strengthen the skills for collective action by civil society, the academic community, the public authorities and the private sector in order to build a more secure, cooperative, resilient and sustainable digital environment.

CYBERSECURITY IN BRAZIL:
AN ANALYSIS OF THE NATIONAL STRATEGY

In 2020, the Brazilian federal government published its first National Cybersecurity Strategy (E-Ciber), indicating, for the first time, how it intends to establish a whole-of-society approach to cybersecurity policies and guidelines.

 

The strategic paper “Cybersecurity in Brazil: an analysis of the national strategy”, by the Igarapé Institute, looks into the E-Ciber and presents recommendations for a multistakeholder vision for cybersecurity governance. The study positions the Strategy historically, reviews the strategic objectives in light of other international experiences and provides recommendations for its implementation.

WE IDENTIFIED 6 CHALLENGES

The absence of a shared vocabulary when referring to cybersecurity/digital issues in society.

The association of cybersecurity with military affairs, responsibilities and institutions.

Lack of understanding regarding specific and shared digital risks across sectors.

The absence of mechanisms for sharing information regarding security risks/threats and knowledge across sectors.

Lack of normative, strategic, and operational alignment for incident response.

The existence of various cybersecurity maturity levels throughout society.

WE PRESENT 6 RECOMMENDATIONS

Public oversight of the E-Ciber could enhance transparency and accountability in monitoring how strategic objectives are being met. To do so, we recommend the publication of an annual report detailing the achievements and challenges for implementing the E-Ciber.

Establish communication channels with civil society and recognize its role as an important actor with experience in training programs. This communication will be fundamental for a more transparent discussion about national cybersecurity and for the inclusion of human rights as a fundamental element in the FPA’s cybersecurity agenda.

Improve public and private sector information sharing mechanisms related to incidents and vulnerabilities, and establish directives for coordinated vulnerability disclosure. Guides and reports with recommendations from the government on this topic should be accessible to the whole of society.

Although the Strategy includes consultation mechanisms like the Council, its implementation also depends on improving communication between GSI, CSOs and academic groups (from the humanities and from the natural sciences). To this end, it is imperative that GSI build communication and outreach to engage more effectively with these groups.

Assess GSI’s internal capacities vis-à-vis its expanding roles and responsibilities in national cybersecurity. Future efforts should prioritize multistakeholder implementation plans.

Evaluate the timing and/or necessity of a Cybersecurity Bill, avoiding further confusion between cybersecurity and other themes, such as disinformation.