THE GOVERNMENT ENACTS THE NATIONAL STRATEGY ON CYBERSECURITY (E-CYBER)

13 Feb THE GOVERNMENT ENACTS THE NATIONAL STRATEGY ON CYBERSECURITY (E-CYBER)

Decree No. 10.222/2020 was published last Thursday, February 6th, enacting the National Strategy on Cybernetic Security (“E-Cyber”), as a general guideline from the Federal Government over the main measures and actions it must undertake, both nationally and abroad, regarding cybernetic defense, infrastructure security, classified information security and protection against data leaks from 2020 to 2023.

E-Cyber was enacted as one of the steps to be implemented from the National Policy on the Security of Information, established by Decree No. 9.637/2018, that provides principles, goals, tools, responsibilities, and powers over the information security to authorities and entities from the Federal Public Administration.

E-Cyber´s strategic goals are: (i) contribute to create a more prosperous and reliable digital environment in Brazil; (ii) enhance Brazilian resiliency to cybernetic threats and strengthen Brazilian actions regarding cybernetic security on the global scene. Some of the measures to reach those goals are:

• Strengthen cyber governance actions;
• Establish a centralized governance model at the national level;
• Promote a democratic, collaborative, reliable and safe environment, between the public sector, the private sector, and society;
• Raise the level of government protection;
• Raise the level of protection of National Critical Infrastructures;
• Improve the legal framework on cybersecurity;
• Encourage innovative solutions in cybersecurity;
• Expand Brazil’s international cooperation in cybersecurity;
• Expand the partnership, in cybersecurity, between the public sector, the private sector, academia and society; and
• Raise the maturity level of society in cybersecurity.

The E-Cyber Decree does not clarify specific aspects of a general legislation on cybersecurity, even though it presented a direct recommendation in this sense. It is possible that data protection aspects may be taken into appreciation and that this topic may not be put on the agenda until the definitive creation of the National Data Protection Agency (“ANPD”). Like ANPD, the Institutional Security Office – the body that coordinated the E-Cyber – is an entity connected to the Presidency of the Republic.

This article is intended exclusively to provide information and does not contain any opinion, recommendation or legal advice from KGV Advogados concerning the matters herein addressed. Copyrights are reserved to Kestener, Granja & Vieira Advogados.