Cullen International’s latest research shows that most national cybersecurity strategies in the Americas do not create binding obligations for the private sector. Instead, they set policy goals which include improving public organisations' cybersecurity preparedness and strengthening the response to incidents.
When there are binding obligations for private entities, these may involve requiring them to implement a risk assessment and management policy. The USA requires vendors to the federal government to manage cybersecurity risks in their supply chain.
Countries such as Brazil and Mexico have legislative proposals on cybersecurity with varying scopes. Even in such countries that do not currently have binding obligations for private entities, the proposed new laws signal the authorities' concern with cybersecurity and may lead to future obligations.
To access the full benchmark, please click on “Access the full content” - or on “Request Access”, in case you are not subscribed to our Americas Digital Economy service.
more news
30 March 26
Transposition status of key EU environmental directives
Our latest benchmark contains summary information on the transposition status of six key EU environmental directives.
26 March 26
What are New Competition Tools and who wields them?
Our new benchmark surveys which European countries have introduced so-called new competition tools (NCTs), also known as market investigation powers. NCTs enable competition authorities to intervene in markets without establishing an infringement of antitrust rules.
25 March 26
Measures to improve cost transparency for telecoms consumers in Europe
Cullen International’s latest benchmark shows measures in place in 13 European countries to ensure that end users are aware of their consumption behaviour and protected against bill shock.