Mexico faces a projected 70% increase in mobile malware attacks in 2025, a statistic that positions the country as the second most targeted in Latin America, reports Alianza Mexico Ciberseguro. This threat has catalyzed a coordinated response between the public and private sectors to strengthen national legislation and international cooperation frameworks, particularly within the context of the USMCA review.
In 2024, Mexico recorded over 6 million cyber fraud incidents, leading to economic losses exceeding MX$20 billion (US$1.082 million), reports the Alianza Mexico Ciberseguro during the during the second National Cybersecurity Forum.
This financial impact underscores the need for a formal regulatory structure. “It is essential to promote a collective effort that leads to the creation of a cybersecurity legislation and strategy capable of offering a solid governance framework,” says Claudia Escoto, Co-President, Second National Cybersecurity Forum of Alianza Mexico Ciberseguro.
According to industry analysts, the time required to compromise a network is minimal, which narrows the window for detection and response. Bert Milan, Regional Vice President for Latin America, Palo Alto Networks, warns that a malicious actor can breach a network in an average of 24 minutes, enough time to exfiltrate credentials and sensitive information without being detected.
In response to this high-risk environment, the federal government has begun to institutionalize its defense capabilities. Heidy Rocha, Head of the Cybersecurity General Directorate, Agency of Digital Transformation and Telecommunications (ATDT), says that while there has been significant progress, challenges in early detection and incident tracking persist.
The creation of the Cybersecurity General Directorate aimed to centralize and coordinate cybersecurity efforts nationwide. “Digital development is only possible through cooperation, shared responsibility and a long-term vision,” says Rocha.
The national cybersecurity strategy extends beyond domestic policy, integrating into trade negotiations and international treaties. A primary focus is the upcoming review of the USMCA, where Mexico’s Information Technology (IT) industry aims to strengthen and modernize Chapter 19. This chapter covers topics critical to the digital economy, such as cybersecurity, AI, the free flow of cross-border data, and intellectual property protection.
The Mexican Association of Information Technology Industries (AMITI) is preparing the private sector’s official positions for the renegotiation. The goal is to ensure the treaty promotes a competitive and secure digital strategy for Mexico.
A tangible result of this public-private collaboration is AMITI’s donation of security credentials for government employees, with implementation scheduled for January 2026. This initiative strengthens the government’s internal capabilities and has earned international recognition. The US Cybersecurity and Infrastructure Security Agency (CISA) has acknowledged the progress Mexico has made in this area.
USMCA negotiations will address other critical areas like intellectual property. The Mexican government must present alternatives for copyright protection before November, a process involving active collaboration between the public and private sectors. The negotiation timeline will intensify when public hearings begin in the United States on Nov. 17, with discussions set to cover technology, electronics, and the semiconductor supply chain.
