In our latest Distilling Cyber Policy podcast episode, Alex Botting and Jen Ellis from the Center for Cybersecurity Policy & Law are joined by Paula Bogantes, the Costa Rican Minister of Science, Innovation, Technology and Telecommunications. Prior to this role, Paula served as Deputy Minister of Foreign Trade, and before this, as sector manager of numerous industries at Costa Rica’s Investment Promotion Agency (CINDE), as well as a consultant for international organizations such as the Inter-American Development Bank (IDB).

In April 2022, Costa Rica was subject to a devastating Conti ransomware attack, which affected over 27 different Costa Rican government entities and crippled government services for months. The impact was so severe that then-newly elected President Rodrigo Chaves Robles declared a state of national emergency. Paula discusses the impact of this attack for Costa Rica, how the country has responded, and cybersecurity lessons learned along the way. 

In the immediate aftermath, Paula noted the extensive work required to repair damage and recover data lost during the cyber attack. These efforts were buoyed by extensive support from the U.S., as well as Israel, Spain, and global industry. This international cooperation has only continued, with the U.S. Department of State committing $25 million to strengthen Costa Rica’s cyber defenses against threats from malicious actors, including to build a national Security Operations Center (SOC), as well as provide training and capacity-building.

Looking forward, Paula notes the numerous steps the government has and continues to take to strengthen its cybersecurity approach - such as the release of the Costa Rican 2023-2027 cybersecurity strategy, which includes a robust commitment to cybersecurity workforce development, as well as requirements for hiring dedicated cybersecurity personnel in every government ministry. The conversation concludes with a reminder for an incredible opportunity to keep engaging with cybersecurity issues in the region - DigiAmericas’ LATAM CISO Summit, which is taking place in Costa Rica from September 11 - 13. 

The news segment covered three main stories this episode:

• Alex flags the Senate confirmation of the United States’ first-ever Assistant Secretary of Defense for Cyber Policy. Congratulations to Michael Sulmeyer!
• Jen delves into the recently closed public consultation on Chile’s Cybersecurity Framework Law. For more on this, check out DigiAmericas comments.  
• Finally, Jen flags the recent updates to the EU Product Liability Directive and its potential implications for software outages. 

To spend more time with Minister Bogantes, we skipped Community Corner for this episode, but it’ll be back next episode, so let us know if you have suggestions for guests or projects we should cover.  

You can find the latest Distilling Cyber Policy episode on Spotify and Apple. As always, please share, like, and subscribe