• Home »
  • Uncategory »
  • Uruguayan Defense Minister Creates National Computer Security Incident Response Center

Uruguayan Defense Minister Creates National Computer Security Incident Response Center

By Dialogo
March 09, 2015




The Defense Minister of Uruguay is preparing to strengthen the country against cyber attacks by creating the National Computer Security Incident Response Center (CERTUY).

The center aims to protect everything from databases to the country’s satellites. It also will work with domestic and international organizations to strengthen the security of Uruguay’s information technology.

CERTUY was created through a decree signed by former president José Mujica (who left office March 1 and was succeeded by President Tabaré Vázquez), and Defense Minister Eleuterio Fernández Huidobro “with the task of preventing, treating, and managing cybersecurity incidents that may arise in the context of national security,” according to a January 27 press release from the Office of the President of Uruguay.

The new organization will work with all of the country’s institutions in all areas related to the Ministry of Defense and it will coordinate all activities related to the management of cyber incidents, explained Roberto Ambrosini, co-director of the Cyber-Security Course at the Center for Higher National Studies at the Defense College of Uruguay.

The work will be done in coordination with CERTUY, under the Electronic Government Development Agency (AGESIC), which is part of the Executive Branch.

“We have been working for years on the issue because advances in technology create some vulnerabilities. The objectives are to mitigate, prepare for, and manage all of the characteristics of cybercrimes in the area of Defense,” said Undersecretary of the Ministry of Defense Jorge Menéndez, according to news daily El Espectador
on February 6.

“This is an issue that also goes beyond national boundaries and exposes us to global actions. The world is globalized and full of uncertainty. We have to work on developing strategic intelligence,” Menéndez added.

Critical infrastructures and essential services are priorities


The personnel at the response center will specialize in different areas of cyber-defense. “There are differences in what you need to know to prevent an attack on the financial system and what you need to know to prevent an attack on the country’s radars,” AGESIC Executive Director José Clastornik said, according to news daily El Observador
on January 31.

In addition to developing capabilities for the early detection and prevention of computer security incidents, the new unit will "effectively and efficiently" respond to IT incidents involving critical infrastructure and essential services, according to the Office of the President.

The cyber-defense team will classify incidents based on their level of importance and impact on the functionality of the state, according to Ambrosini. In the case of multiple incidents, CERTUY must decide which is the most important, in order to devote more resources.

For example, priorities would include the centers for command and control of the Navy, shipping lines, and airports.

Proactive and reactive services will be offered


The response center will provide both proactive and reactive services.

Reactive services include providing technical and logistical support in order to mitigate the impact of cybersecurity incidents, coordinating the incident response initiatives, and providing centralized reporting regarding all security incidents on record.

Proactive services include researching, developing, and maintaining policies, standards, procedures, techniques, tools, and best practices that improve information security.

The center will provide other proactive services including the periodic analysis of the risks associated with information assets, the training of the response team members and their designated supervisors, and collaboration with other centers and response teams at the national and international levels to address cybersecurity incidents.

There are also plans to integrate and exchange computer security knowledge with educational institutions.

The cybersecurity area is composed of three main branches: technical, technological, and the generation of policies and procedures for managing security, according to Ambrosini.

Uruguay ranks high on Global Cybersecurity Index


The Global Cybersecurity Index released in December 2014 by the International Telecommunication Union (ITU) ranks Uruguay eighth in the world in cybersecurty capabilities, according to a CERTUY press release issued on December 26, 2014.

In the first half of 2014, there were 306 cybersecurity incidents in Uruguay. Incidents are defined as any attempt, successful or not, to carry out an information technology attack, according to CERTUY.

“The increase in incident detection year after year is due to the implementation of new detection systems, which contribute to active responses,” the CERTUY website reports.

According to Ambrosini, “both at the national and international levels, the center is well-regarded. It has been working with response teams from the OAS [Organization of American States] and the CERTUY for some time. What has happened has been a formalization of the issue.”

“Following the line traced by all response teams, we expect to be successful, but keep a humble attitude in order to learn from others and a willingness to collaborate to respond to cyber-incidents and resolve them as quickly as possible.”



The Defense Minister of Uruguay is preparing to strengthen the country against cyber attacks by creating the National Computer Security Incident Response Center (CERTUY).

The center aims to protect everything from databases to the country’s satellites. It also will work with domestic and international organizations to strengthen the security of Uruguay’s information technology.

CERTUY was created through a decree signed by former president José Mujica (who left office March 1 and was succeeded by President Tabaré Vázquez), and Defense Minister Eleuterio Fernández Huidobro “with the task of preventing, treating, and managing cybersecurity incidents that may arise in the context of national security,” according to a January 27 press release from the Office of the President of Uruguay.

The new organization will work with all of the country’s institutions in all areas related to the Ministry of Defense and it will coordinate all activities related to the management of cyber incidents, explained Roberto Ambrosini, co-director of the Cyber-Security Course at the Center for Higher National Studies at the Defense College of Uruguay.

The work will be done in coordination with CERTUY, under the Electronic Government Development Agency (AGESIC), which is part of the Executive Branch.

“We have been working for years on the issue because advances in technology create some vulnerabilities. The objectives are to mitigate, prepare for, and manage all of the characteristics of cybercrimes in the area of Defense,” said Undersecretary of the Ministry of Defense Jorge Menéndez, according to news daily El Espectador
on February 6.

“This is an issue that also goes beyond national boundaries and exposes us to global actions. The world is globalized and full of uncertainty. We have to work on developing strategic intelligence,” Menéndez added.

Critical infrastructures and essential services are priorities


The personnel at the response center will specialize in different areas of cyber-defense. “There are differences in what you need to know to prevent an attack on the financial system and what you need to know to prevent an attack on the country’s radars,” AGESIC Executive Director José Clastornik said, according to news daily El Observador
on January 31.

In addition to developing capabilities for the early detection and prevention of computer security incidents, the new unit will "effectively and efficiently" respond to IT incidents involving critical infrastructure and essential services, according to the Office of the President.

The cyber-defense team will classify incidents based on their level of importance and impact on the functionality of the state, according to Ambrosini. In the case of multiple incidents, CERTUY must decide which is the most important, in order to devote more resources.

For example, priorities would include the centers for command and control of the Navy, shipping lines, and airports.

Proactive and reactive services will be offered


The response center will provide both proactive and reactive services.

Reactive services include providing technical and logistical support in order to mitigate the impact of cybersecurity incidents, coordinating the incident response initiatives, and providing centralized reporting regarding all security incidents on record.

Proactive services include researching, developing, and maintaining policies, standards, procedures, techniques, tools, and best practices that improve information security.

The center will provide other proactive services including the periodic analysis of the risks associated with information assets, the training of the response team members and their designated supervisors, and collaboration with other centers and response teams at the national and international levels to address cybersecurity incidents.

There are also plans to integrate and exchange computer security knowledge with educational institutions.

The cybersecurity area is composed of three main branches: technical, technological, and the generation of policies and procedures for managing security, according to Ambrosini.

Uruguay ranks high on Global Cybersecurity Index


The Global Cybersecurity Index released in December 2014 by the International Telecommunication Union (ITU) ranks Uruguay eighth in the world in cybersecurty capabilities, according to a CERTUY press release issued on December 26, 2014.

In the first half of 2014, there were 306 cybersecurity incidents in Uruguay. Incidents are defined as any attempt, successful or not, to carry out an information technology attack, according to CERTUY.

“The increase in incident detection year after year is due to the implementation of new detection systems, which contribute to active responses,” the CERTUY website reports.

According to Ambrosini, “both at the national and international levels, the center is well-regarded. It has been working with response teams from the OAS [Organization of American States] and the CERTUY for some time. What has happened has been a formalization of the issue.”

“Following the line traced by all response teams, we expect to be successful, but keep a humble attitude in order to learn from others and a willingness to collaborate to respond to cyber-incidents and resolve them as quickly as possible.”
Share