Cybersecurity readiness across Latin America and the Caribbean has improved significantly in the past five years, but limited resources, workforce shortages, and weak coordination continue to leave countries exposed to new digital threats, according to a new report from the Inter-American Development Bank (IDB) and the Organization of American States. The 2025 Cybersecurity Report: Vulnerability and Maturity Challenges to Bridging the Gaps in Latin America and the Caribbean, developed with the Global Cyber Security Capacity Centre at the University of Oxford, offers the most comprehensive look yet at cybersecurity capacity in 30 countries across the region.
The study uses the Cybersecurity Capacity Maturity Model for Nations to measure progress across five key areas: national policy and strategy, public awareness, training and skills development, legal frameworks, and technical standards. Overall, the region has made steady gains since 2020, with average scores rising in each dimension and the gap between countries narrowing—a sign of more balanced regional development.
“The digital revolution is transforming economies and societies across Latin America and the Caribbean, but it also brings new risks,” said Paula Acosta, Chief of the Institutional Capacity of State Division at the IDB. “This report shows that, while progress is undeniable, much more must be done. We need to step up investment, strengthen cooperation among governments and businesses, and develop stronger skills and response systems to manage emerging cybersecurity threats.”
The report identifies several remaining weaknesses. Protection for critical infrastructure and software quality controls are still limited, and the regional market for cybersecurity solutions and insurance remains underdeveloped. It also flags growing risks linked to the rapid spread of artificial intelligence, which has created new vulnerabilities and demands updated governance, standards, and training. The analysis finds that countries with strong political commitment and active public-private partnerships are better equipped to close capacity gaps and manage evolving threats.
OAS Secretary for Multidimensional Security, Iván Marques, said the findings reflect both progress and urgency:
“This report shows a clear positive trajectory, but cybersecurity is a shared responsibility. Our partnership with the IDB and the Global Cyber Security Capacity Centre at Oxford is about giving countries the tools they need. The OAS will continue to support them with technical assistance and cooperation so the region moves forward together.”
Now in its third edition since 2016, the joint IDB–OAS report serves as a key resource for policymakers and private sector leaders as the region works to build stronger, more inclusive digital resilience.
