Download Uruguayan Defense Minister Creates National - Dialogo

Uruguayan Defense Minister Creates National Computer
Security Incident Response Center
The Defense Minister of Uruguay is preparing to strengthen the country against cyber attacks by creating
the National Computer Security Incident Response Center (CERTUY).
Julieta Pelcastre
|
9 March 2015
The Defense Minister of Uruguay is preparing to strengthen the country against cyber attacks by creating
the National Computer Security Incident Response Center (CERTUY).
The center aims to protect everything from databases to the country’s satellites. It also will work with
domestic and international organizations to strengthen the security of Uruguay’s information technology.
CERTUY was created through a decree signed by former president José Mujica (who left office March 1 and
was succeeded by President Tabaré Vázquez), and Defense Minister Eleuterio Fernández Huidobro “with
the task of preventing, treating, and managing cybersecurity incidents that may arise in the context of
national security,” according to a January 27 press release from the Office of the President of Uruguay.
The new organization will work with all of the country’s institutions in all areas related to the Ministry of
Defense and it will coordinate all activities related to the management of cyber incidents, explained Roberto
Ambrosini, co-director of the Cyber-Security Course at the Center for Higher National Studies at the Defense
College of Uruguay.
The work will be done in coordination with CERTUY, under the Electronic Government Development Agency
(AGESIC), which is part of the Executive Branch.
“We have been working for years on the issue because advances in technology create some vulnerabilities.
The objectives are to mitigate, prepare for, and manage all of the characteristics of cybercrimes in the area
of Defense,” said Undersecretary of the Ministry of Defense Jorge Menéndez, according to news daily El
Espectador on February 6.
“This is an issue that also goes beyond national boundaries and exposes us to global actions. The world is
globalized and full of uncertainty. We have to work on developing strategic intelligence,” Menéndez added.
Critical infrastructures and essential services are priorities
The personnel at the response center will specialize in different areas of cyber-defense. “There are
differences in what you need to know to prevent an attack on the financial system and what you need to
know to prevent an attack on the country’s radars,” AGESIC Executive Director José Clastornik said,
according to news daily El Observador on January 31.
In addition to developing capabilities for the early detection and prevention of computer security incidents,
the new unit will "effectively and efficiently" respond to IT incidents involving critical infrastructure and
essential services, according to the Office of the President.
The cyber-defense team will classify incidents based on their level of importance and impact on the
functionality of the state, according to Ambrosini. In the case of multiple incidents, CERTUY must decide
which is the most important, in order to devote more resources.
For example, priorities would include the centers for command and control of the Navy, shipping lines, and
airports.
Proactive and reactive services will be offered
The response center will provide both proactive and reactive services.
Reactive services include providing technical and logistical support in order to mitigate the impact of
cybersecurity incidents, coordinating the incident response initiatives, and providing centralized reporting
regarding all security incidents on record.
Proactive services include researching, developing, and maintaining policies, standards, procedures,
techniques, tools, and best practices that improve information security.
The center will provide other proactive services including the periodic analysis of the risks associated with
information assets, the training of the response team members and their designated supervisors, and
collaboration with other centers and response teams at the national and international levels to address
cybersecurity incidents.
There are also plans to integrate and exchange computer security knowledge with educational institutions.
The cybersecurity area is composed of three main branches: technical, technological, and the generation of
policies and procedures for managing security, according to Ambrosini.
Uruguay ranks high on Global Cybersecurity Index
The Global Cybersecurity Index released in December 2014 by the International Telecommunication Union
(ITU) ranks Uruguay eighth in the world in cybersecurty capabilities, according to a CERTUY press release
issued on December 26, 2014.
In the first half of 2014, there were 306 cybersecurity incidents in Uruguay. Incidents are defined as any
attempt, successful or not, to carry out an information technology attack, according to CERTUY.
“The increase in incident detection year after year is due to the implementation of new detection systems,
which contribute to active responses,” the CERTUY website reports.
According to Ambrosini, “both at the national and international levels, the center is well-regarded. It has
been working with response teams from the OAS [Organization of American States] and the CERTUY for
some time. What has happened has been a formalization of the issue.”
“Following the line traced by all response teams, we expect to be successful, but keep a humble attitude in
order to learn from others and a willingness to collaborate to respond to cyber-incidents and resolve them
as quickly as possible.”
Copyright  2017 Diálogo Americas.
All Rights Reserved.