New Horizons for Brazil’s Cyber Landscape
- Security Risk Management
- Crisis Response
New Horizons for Brazil’s Cyber Landscape
In the wake of Brazil’s national election in October, the largest country in South America stands on the cusp of a landmark transition with the selection of Jair Bolsonaro of the Social Liberal Party (PSL) and rejection of the Workers’ Party (PT) after more than a decade in power. As the country grapples with a formidable variety of challenges, from a struggling economy to corruption scandals to elevated crime rates, it is certain that the emergence of new leadership will shift the terrain of opportunity and risk in the Brazilian market. Amid the abundance of projections for the ways the Bolsonaro presidency may steer the country economically, politically and socially, one dimension remains unexplored: the future of Brazil’s cyber risk. Key factors stemming from Bolsonaro’s campaign promises indicate significant changes on the horizon for the Brazilian cyber landscape.
Cyber security as a national priority
During a long, tumultuous campaign, Bolsonaro defended a platform largely based on addressing the country’s troublesome security situation. He strategically highlighted his military background and championed a no-holds-barred approach to fighting crime as he promised to make security a top priority for his administration. In this context, it is likely that Brazil will see a revamp of its current cyber security posture over the course of Bolsonaro’s term in office. If the president-elect remains committed to his promises to improve overall security, cyber security is likely to register as a national security priority not far below fighting the country’s rampant crime and violence.
Cybercrime rates in Brazil have increased dramatically in recent years—as internet connectivity and mobility have advanced rapidly across the country—to present one of the most serious concerns for individuals and businesses living or operating in the country. Considering Brazil lacks a robust national governance roadmap in this area, the field is open for the Bolsonaro administration to make changes on this front.
Cyber security at a Federal level
At the federal level, responsibilities for cyber security are currently shared between the National Defense Council, the Cabinet of Institutional Security of the Presidency of the Republic, the Cyber Defense Center of the Brazilian Army, the Brazilian Intelligence Agency and the Ministry of Justice through the Department of Federal Police. While each of these governmental bodies will likely retain a seat at the table, there may be an effort to streamline and combine roles and responsibilities under a more centralized cyber security governance structure. After all, such an effort would align with another of Bolsonaro’s stated objectives: to reign in federal bureaucracy and simplify the ministries.
Meanwhile, on the legislative front, the Lei Geral de Proteção de Dados Pessoais (LGPDP), which was ratified in Congress in mid-2018, is slated to take effect over the coming 18 months. The law draws inspiration from Europe’s GDPR and marks Brazil’s first real attempt to tackle issues of digital privacy. With the rollout of this legislation, Brazil has the opportunity to assert its maturity in this field, build up momentum for further initiatives to enhance cyber security and seize a definitive leadership role in cyber security in Latin America.
As Brazil faces elevated rates of unemployment, sluggish growth and rising debt, the development of cyber security would also align with Bolsonaro’s stated objective to deliver economic opportunity and prosperity. Cybercrime remains a significant risk in Brazil and, as such, is a perennial concern for foreign businesses considering moving to or continuing operations in Brazil. As such, international businesses are likely to respond favorably if the new administration includes this risk in its plan to increase security across the country.
Cyber Security and Brazilian Foreign Policy
On the foreign policy front, Bolsonaro’s campaign made clear his intentions to reassess Brazil’s international outlook. He has expressed skepticism toward China, hostility toward Brazil’s nearby socialist neighbors and a desire to draw closer to the United States and Israel. These foreign policy initiatives, if pursued, could also have their own implications on the Brazilian cyber landscape.
In the case of Brazil-Israel relations, Bolsonaro’s friendly outreach—which has included a promise to move the Brazilian embassy to Jerusalem and an invitation to the Israeli prime minister to attend Bolsonaro’s inauguration—could pave the way for greater cooperation in the cyber realm between Brazil and Israel, a cyber security superpower. Israeli cyber security companies have been active in the Brazilian market, and both parties stand to gain from greater proximity.
Similar cyber cooperation agreements could be reached between the US and Brazil as part of a potential rapprochement not seen between the two countries since the fallout in 2012 from reports that the US had routinely spied on Brazil’s governmental affairs. With both countries under new administrations and an evident alignment of perspective between US President Donald Trump and Bolsonaro, beginning in 2019, the field may be ripe for the cultivation of a more collaborative relationship on multiple fronts, including cyber defense.
Conversely, should the new administration generate animosity with China, the result could be an increase in malicious cyber activity perpetrated against Brazilian interests by China, another cyber superpower. Brazil and China have a strategic trade relationship, with China remaining Brazil’s chief trading partner since 2009. As such, with the US-China relationship showing signs of fracture, China’s interests in Brazil could be more important than ever, raising the stakes of any confrontation.
An optimistic outlook
On January 1, 2019, Brazil’s new administration will take over a country confronting a wide array of challenges on practically all fronts: social, economic and political. Security—primarily in a domestic sense but not excluding the international arena—will surely be among the first priorities to be tackled, and cyber security is very likely to receive increased attention. Depending on the degree of resources deployed to address this pressing issue, Brazil’s cyber risk landscape has the potential to become far more hospitable and attractive to businesses of all kinds operating in the Brazilian market. While significant development in Brazil’s cyber security will likely take place over a period of years, at this time the country shows promising signs of following this course.