July 16, 2014
The Organization of American States (OAS) today held a National Awareness Raising Day on Cyber Security and Critical Infrastructure in Mexico City, the concluding event in a week that began with a National Workshop on the issue designed to help officials design policies to protect critical infrastructure and to ensure the use of security measures to deal with current threats.
During today’s event, organized by the Inter-American Committee against Terrorism (CICTE) of the OAS, and open to the public, experts from the United States, Canada, Argentina, Mexico, and Spain presented case studies on cyber incidents at industrial installations and discussed mitigation strategies and techniques that can and have been taken in critical sectors.
On Monday and Tuesday, the National Workshop on Cyber Security and Critical Infrastructure Protection, held in the Technological Museum of the Mexican Federal Electricity Commission (CFE), was divided into two tracks: an executive track for high level officials, and a technical track for security engineers and specialists. Leading the executive portion of the event were two specialists from the Industrial Cyber Security Center (CCI, for its initials in Spanish) of Spain. Sessions in this track were interactive and designed to help Mexican officials improve and devise new policies and procedures designed to strengthen the resilience of the country’s critical infrastructures. The Spanish instructors shared their experience in securing critical infrastructures in Spain and around the world, and led participants in ensuring that operations and strategies to protect their respective infrastructures are adequate to confront cyber threats that are growing in number and sophistication. At the conclusion of the workshop, the attendees had generated concrete measures and plans to strengthen the resiliency of the infrastructures they own and operate.
The technical track of the workshop, aimed at engineers and specialists tasked with ensuring the hard- and software of Mexican critical infrastructure sectors, focused on the theory and practice involved in securing various industrial control systems (ICS) and processes. It was led by instructors from the Industrial Control Systems Computer Emergency Response Team (ICS-CERT) of the United States Department of Homeland Security (DHS), which has been a pioneer in cyber security-related ICS research.
The Director of ICS-CERT, Marty Edwards, said "The increased number of incidents in critical infrastructure can only be addressed through this type of successful cooperation between the U.S., Mexico and Canada. We not only share critical infrastructure dependencies but also a responsibility to work together to protect the same. This effort by the OAS is an important step toward securing our shared responsibilities."
The Mexican national oil company, PEMEX, provided additional support in the organization of the workshop. Aside from CFE and PEMEX, participants came from a variety of Mexican institutions, including the Federal Police, the Mexican National Computer Emergency Response Team—CERT-MX, the Navy, and the Attorney General’s Office.
The event came on the heels of a joint OAS-Symantec cyber security report issued in June that detailed the state of cyber security in OAS Member States. As related by the Mexican Government and described in the report, in 2013 there was an increase of 113% in the number of cyber incidents in the country as compared to 2012. through April of this year, Mexican officials confirmed an increase over 2013 levels of as much as 300%, an increase due in part to improvements in intrusion detection technologies newly deployed by Mexican government institutions.
The opening ceremony for the event was attended by senior officials from PEMEX, the CFE, the OAS, and the Governments of Mexico, the United States, and Canada, who continue to support the initiatives of the OAS/CICTE Cyber Security Program.
For more information, please visit the OAS Website at www.oas.org.