Protecting the information of citizens, businesses, public institutions and the country in general from constant cyber attacks is the purpose sought by the Ministry of Science, Innovation, Technology and Telecommunications (MICITT) with the “Regulation on Cybersecurity Measures Applicable to Telecommunications Services Based on Fifth Generation Mobile Technology (5G) and Higher.”This was announced by Paula Bogantes, minister of the sector, during a press conference.
Bogantes mentioned that, since the declaration of emergency (Executive Decree No. 43542-MP-MICITT), the MICITT has focused its efforts on the prevention of cyberattacks, which entails the development and approval of legal regulations and other instruments in accordance with best international practices, including Executive Decree No. 44196, Regulation approved last August.
Protecting Costa Rica
Bogantes mentioned that “the objective is to protect Costa Rica. What we want is to protect the privacy of people, their data, their savings, their families, the country’s children, but also companies, public institutions and commerce that use fifth generation mobile technology (5G).”
The regulation has a legal basis in the provisions of the General Telecommunications Law that gives the MICITT the regulatory powers to protect the privacy, intimacy and data of citizens and the country and is based on the “Recommendation on the cybersecurity of 5G networks” issued by the European Union in 2019.
Bogantes added that “we do not intend to leave any competitor out, rather we seek from current international standards to offer citizens the guarantee of the principles of protection and security against computer crimes and Internet crimes.”
Bogantes explained that this regulation applies to network operators and telecommunications service providers based on fifth generation technology and higher, so that the technological equipment necessary for the deployment and operation of these networks meets the conditions to guarantee their safe operation.
The decree is respectful of the principle of technological neutrality, since it does not require operators to use a specific technology, however it establishes objective criteria that will allow for secure operation of 5G or higher networks and, in addition, establishes a deadline to issue good practice guidelines on Cybersecurity for 4G networks and previous generations