LGPD was an important step forward for cybersecurity in the country, but the lack of a digital security culture remains an obstacle
*By Flavia Brito
In recent years, Brazil has faced a significant increase in cybersecurity incidents. According to data from the Center for Studies, Response and Treatment of Security Incidents in Brazil (CERT.br), the country registered more than 2.3 million notifications of cyber incidents in 2023, an increase of almost 20% compared to the previous year. These numbers reveal the urgency of a robust national cybersecurity plan, since, with the increase in digitalization, vulnerabilities and risks increase.
Cybercrime in Brazil is on the rise, including ransomware attacks, phishing and financial fraud. Data from Check Point Research indicates that Brazil is the country most affected by ransomware in Latin America, accounting for more than 50% of the attacks reported in the region. This scenario not only exposes the weaknesses of financial and government institutions, but also leaves millions of Brazilians vulnerable.
The General Data Protection Law (LGPD), implemented in 2020, represents an important step forward for cybersecurity in Brazil. However, the lack of a digital security culture in companies and among citizens remains a significant obstacle. According to a PwC survey, around 50% of Brazilian companies claim to be not fully prepared to meet all the requirements of the LGPD. In addition, a Cisco survey revealed that more than 80% of Brazilians are still susceptible to phishing attacks, highlighting the need for digital education.
For Brazil to become more resilient to cyberattacks, it is essential that the government, companies and society act together. First, the public sector must increase investments in cyber infrastructure. In 2022, the federal government's budget for digital security was only R$1.4T 30 million, an insufficient amount in the face of the growing threat. In addition, investment in professional training is crucial. Data from the Brazilian Cybersecurity Association (ABCyber) indicates that the country faces a deficit of more than 400,000 qualified information security professionals.
On the other hand, companies need to adopt a more proactive stance in data protection. Implementing security protocols and constantly updating systems are fundamental practices. According to IBM research, the average cost of a data breach in Brazil is approximately R$1.5 million, which reveals the significant financial impact for companies that neglect cybersecurity.
Society also has an important role to play in mitigating cyber risks. Investing in awareness campaigns can be one of the most effective measures to reduce the number of attacks, since, as Symantec research reveals, more than 60% of incidents occur due to human error. Promoting a culture of digital security and including cybersecurity topics in school curricula are essential to prepare future generations for this digital scenario.
It is essential that Brazil treats cybersecurity as a matter of national sovereignty. The creation of a national cybersecurity plan, with long-term goals and investments, is an essential measure. This strategy should include modernizing legislation to keep up with the evolution of threats, as well as partnerships with other countries to share information and combat digital crimes.
In an increasingly interconnected world, Brazil needs to not only protect its critical infrastructures, but also ensure that digital security becomes a priority at all levels of society. Cybersecurity is not just a technical issue, but an essential pillar for the economy, the protection of privacy and the preservation of public trust. Therefore, it is time to act assertively and collaboratively to ensure a safer digital future for all Brazilians.
*Flávia Brito is CEO of Bidweb Security IT, Advisor to Porto Digital, VP of the Brazilian Association of Software Companies, ABES-P and PhD student in Software Engineering at CESAR School.
Notice: The opinion presented in this article is the responsibility of its author and not of ABES - Brazilian Association of Software Companies
Article originally published on the IT Forum website https://itforum.com.br/colunas/seguranca-cibernetica-brasil-desafios/
EN 
PT 
