In Mexico, supply chain attacks and the alleged breach of Ministry of Navy underscore systemic exposure, while globally, nation-state actors exploit industrial systems like those from Rockwell Automation. The implication for leadership is that cybersecurity is turning into an enterprise-wide risk function, where human behavior, third-party dependencies, and AI-driven attack vectors redefine the role of the CISO.
Ready? This is your Week in Cybersecurity!
News
Many Mexican Firms Hit by Supply Chain Cyberattacks: Kaspersky
Supply chain cyberattacks in Mexico reached a critical threshold as 43% of organizations reported incidents in the last 12 months, reveals Kaspersky. These figures place the country above the global average and highlight a significant rise in threats targeting trust-based corporate relationships.
Alleged Breach at SEMAR Sparks Security Risk
A cybersecurity journalist reports that the Ministry of the Navy (SEMAR) experienced a data exfiltration from its Safe Smart Port (PIS) platform, affecting 640,000 port operators. A threat actor identified as “marssepe” from the group Sociedad Privada 157 leaked 39.7GB of sensitive information on a public forum.
Indra Group Expands in Mexico, Opens Office in the State of Mexico
Indra Group inaugurated new corporate offices in Parque Toreo in the State of Mexico as part of its strategy to strengthen its presence in the country and expand its role in digital transformation projects across Latin America. The new facilities complement the company’s existing operations in Mexico City, Queretaro, Merida, and Monterrey, aligning Indra Group’s plans to achieve double-digit sales growth and create new jobs in Mexico over the next three years.
Iran-Linked Hackers Target US Critical Infrastructure: FBI
Iranian-affiliated actors are exploiting internet-facing Rockwell Automation programmable logic controllers, report the US Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), and the National Security Agency (NSA). These malicious activities target project files and human machine interface displays, causing operational disruptions and financial losses across multiple US critical infrastructure sectors.
MBN Experts
CISOs Gain Strategic Role as Cyber Risks Intensify
As 93% of Mexican organizations race to deploy AI agents by 2027, Proofpoint is redefining security for the “agentic workspace.” Following the acquisition of Acuvity, the firm is moving beyond traditional email protection to secure the interactions between humans and AI agents, where “prompt engineering” has become the new social engineering. With Mexican CISOs ranking human vulnerability as the top threat globally, Proofpoint’s new Satori platform introduces behavioral guardrails and AI-driven automation to ensure that rapid innovation doesn’t come at the cost of catastrophic data loss. Read the full interview with Luis Isselin, Country Manager, Proofpoint, on MBN!
Driving Business Value Through Advanced Cybersecurity
With AI-driven attacks in Mexico skyrocketing 89% year-over-year, the window between vulnerability and exploit has shrunk from weeks to minutes. Borealix is countering this “new baseline” by moving beyond basic compliance to offer behavior-based detection and “secure by design” application development. By integrating auditor-developers and automated guardrails, the firm helps Mexican SMEs and regulated fintechs bridge the gap between rapid digital innovation and the escalating risk of autonomous, AI-led breaches. Read the full interview with Juan Carlos Calderón, CEO, Borealix, on MBN!
