
From normative frameworks to strategy: why Chile needs strategic direction in cybersecurity.

March 24, 2026

Chile is in the process of consolidating its cybersecurity institutional framework, yet the global environment demands more than regulatory compliance. In the face of the “militarization” of cyberspace and the prepositioning of major powers within critical networks, the country must transition from incident management toward a strategic approach to digital security.

Over the past decade, Chile has made significant progress in building an institutional and regulatory framework to address risks associated with cyberspace. This process reflects a broader shift in how the issue is understood: cybersecurity is no longer conceived solely as a technical matter related to the protection of information systems, but also as a domain directly linked to national security, state resilience, and the protection of critical infrastructure.

Among the most relevant developments are the 2024 Framework Law on Cybersecurity and Critical Information Infrastructure[1], the creation of the National Cybersecurity System, and the establishment of the National Cybersecurity Agency (ANCI) as the central authority responsible for coordinating prevention, management, and response to incidents affecting essential services and critical operators. This legal framework is complemented by the second version of the National Cybersecurity Policy (2023–2028)[2], which aims to ensure resilient infrastructure, protect individuals’ rights online, and promote a culture of cybersecurity. In parallel, the defense sector is consolidating its own strategic architecture, with the National Cyber Defense Policy recognizing cyberspace as an operational domain relevant to national security.

The implementation of this institutional framework has begun to produce results. At the international level, Chile has significantly improved its position in various cybersecurity indicators. In the National Cyber Security Index, developed by the e-Governance Academy Foundation of Estonia[3], the country moved from 53rd place in 2023 to 25th in 2026, reaching first place in Latin America. Similarly, in the ITU Global Cybersecurity Index[4], Chile is currently classified among countries in a “maturing” stage, ranking among the leaders in the region. At the regional level, the 2025 Cybersecurity Report by the Inter-American Development Bank and the Organization of American States[5] places Chile first among thirty countries in Latin America and the Caribbean, achieving the highest overall score and strong performance in more than half of the evaluated indicators. In addition, last year the Chilean National Cybersecurity Agency reported progress in strengthening incident management, increasing the number of supervised critical operators, and consolidating protection standards across government networks[6].

However, these advances are taking place in an international context where cyberspace has become a central arena of strategic competition among states, challenging traditional notions of sovereignty and security. A clear example is Operation Gridtide, analyzed by Google and Mandiant[7], which identified a cyber espionage campaign targeting government entities and key economic sectors across multiple regions. Such operations, characterized by their persistence and ability to maintain prolonged access to sensitive systems, demonstrate how state actors seek to position themselves within critical networks. This reinforces the need for countries like Chile to strengthen early detection capabilities and the protection of essential infrastructure.

These dynamics translate into concrete challenges for countries like Chile. The first arises from the growing use of cyber operations as part of contemporary conflict. Attacks attributed to major powers against critical digital systems illustrate how the cyber domain is increasingly integrated into military and intelligence planning. This has direct implications for states such as Chile. Even if the country is not directly involved in such disputes, global digital interdependence increases exposure to collateral damage. A paradigmatic example is the 2017 NotPetya attack—initially directed at Ukraine and later attributed to actors linked to the Russian state—which ultimately affected companies and infrastructure across multiple countries. This case demonstrates that digital crises originating in distant conflicts can impact highly interconnected economies, reinforcing the need for Chile to enhance its preparedness for systemic disruptions.

A second challenge arises from the persistence of state-affiliated actors within foreign networks through strategic “prepositioning.” Espionage operations and persistent presence have become common practices in the context of contemporary great power competition. A paradigmatic case is the “Volt Typhoon” operation, detected in 2024, in which agents linked to a state actor stealthily infiltrated U.S. energy, water, and transportation networks. Unlike traditional cyberattacks, these actions are not aimed at immediate data theft, but at maintaining access that could enable the disruption of essential services in the event of a future conflict.

A third challenge emerges from the growing geopolitical dimension of digital infrastructure. The recent debate in Chile over submarine connectivity projects involving foreign companies has highlighted how these communication channels can become points of geopolitical leverage. According to the ITU, submarine telecommunications cables carry more than 99% of international data traffic, making them critical assets[8]. For this reason, major powers have begun to assess such infrastructure from a national security perspective, evaluating not only economic feasibility but also strategic implications and the integrity of technological supply chains.

In response to these challenges, Chile should move toward an integrated approach that connects public security, national defense, and technology policy. This could take the form of institutionalizing national cyber crisis exercises involving multiple stakeholders[9], expanding existing initiatives and projecting them into a permanent system for the protection of critical infrastructure; establishing national security-based assessment mechanisms for technology providers in sensitive sectors; developing intelligence capabilities to monitor threats that combine digital and economic dimensions; and enhancing coordination and strategic information-sharing at the ministerial level to anticipate risks in an increasingly competitive international environment.

Ultimately, these proposals point to a broader challenge: the Chilean state should move from a cybersecurity policy toward a fully-fledged national cybersecurity strategy. While a policy establishes general principles, a strategy defines priorities in response to concrete threats, sets operational objectives, and guides the use of state capabilities. Such a strategy should be embedded within the broader framework of national security and aligned with the institutional architecture responsible for its governance, ensuring coherence in decision-making, resource allocation, and strategic leadership in the face of threats that extend beyond the strictly technological domain. It should focus on three core objectives: protecting the country’s critical digital infrastructure; strengthening economic resilience to technological disruptions; and developing capabilities to prevent, deter by denial, and respond to hostile operations in cyberspace.

In an international environment where the digital domain has become a central arena of geopolitical competition among states, advancing toward strategic leadership in cybersecurity is a necessary condition for achieving national security objectives.

Alejandro Amigo


[1] https://www.bcn.cl/leychile/navegar?idNorma=1202434

[2] https://anci.gob.cl/documents/4430/Pol%C3%ADtica_Nacional_de_Ciberseguridad_2023-2028.pdf

[3] https://ncsi.ega.ee/ncsi-index/?order=rank

[4] https://www.itu.int/epublications/publication/global-cybersecurity-index-2024

[5] https://publications.iadb.org/en/2025-cybersecurity-report-vulnerability-and-maturity-challenges-bridging-gaps-latin-america-and

[6] http://www.dipres.cl/597/articles-406737_doc_pdf.pdf

[7] https://cloud.google.com/blog/topics/threat-intelligence/disrupting-gridtide-global-espionage-campaign

[8] https://www.itu.int/digital-resilience/submarine-cables/

[9] Including, among others, ministries, the Armed Forces, law enforcement and public security agencies, the National Cybersecurity Agency (ANCI), critical operators designated by ANCI, and academic and research institutions related to the field of cybersecurity.
