The cybersecurity landscape is experiencing a rapid evolution of threats, presenting a growing challenge for governments, companies, and individuals to keep up with. As the adoption of advanced technologies like AI accelerates, a dual impact becomes evident. On one side, these technologies enhance security protocols and predictive analytics, providing more robust defenses against cyber-attacks. But on the other side, they also introduce new vulnerabilities and will be used by cybercriminals to create more sophisticated and automated threats.
In Mexico, the rising use of technology has led to increased interconnectivity, amplifying the need for better cybersecurity measures. As businesses and public entities become more reliant on digital processes, their attack surface logically expands. This emphasizes the crucial need to prioritize the protection of sensitive data and critical infrastructure. The Mexican market, which is the second-most exposed to cybersecurity incidents (17%) in Latin America according to the Latam Security Report Latam, faces the task of implementing comprehensive cybersecurity strategies to prevent data breaches and cyber-attacks that could have far-reaching implications for both the economy and the privacy of individuals. In a context where regional cybersecurity attacks have grown by 600% over the last 24 months and in which Mexico suffers an average of 1,600 of those attacks per week, the need for improved cybersecurity is clear, as it plays a crucial role in the country's efforts to safeguard its digital progress and economic stability for the years to come.
These efforts will be led not only by governments and international organizations, but also by a growing number of cybersecurity startups working on the edge of new technologies and moving fast to solve the most urgent challenges.
Market Overview
As in most of the world, Mexico's cybersecurity market is on the rise. The widespread digital transformation of sectors, including finance, healthcare, government services and retail, is driving the demand for robust cyber defense solutions. This has left to a flourishing market for cybersecurity solutions. This growth is further spurred by a collective awareness of the omnipresent nature of cyber threats, capable of targeting the core of critical systems and personal data with equal severity. This is particularly evident in sectors dealing with sensitive or critical data such as the financial, healthcare, as well as manufacturing and energy sectors. To highlight the real-world impact, in the first half of 2023, four banks in Mexico reported cybersecurity incidents which amounted to a financial loss equivalent to 4 million USD.
Improving cybersecurity faces two primary challenges. Firstly, there is widespread lack of awareness and implementation (still) of good cyber-protection practices, both at home and in the corporate environment. For instance, 36% of internet users in Mexico still do not have basic antivirus protection. Secondly, financial constraints, especially within smaller businesses and public institutions hinder the adoption of robust cybersecurity measures. Additionally, there is a pronounced gap between the market demand for cybersecurity and the pool of qualified professionals available. Mexico, like many countries worldwide, grapples with a shortage of around 400,000 cyber experts. Addressing these challenges is critical for Mexico to harness the full potential of its growing economy and secure its digital future.
Sector Mapping
The cybersecurity sector is a complex ecosystem, encompassing a range of verticals that reflect today's multifaceted economy. As cyberattacks become more common and sophisticated and corporate networks grow more complex, a variety of cybersecurity solutions are required to mitigate corporate cyber risk.
The sector is usually divided into 9 main pillars:
- Data Protection
- Governance, risk, compliance (GRC)
- Network and Endpoint Security
- Identity Access Management (IAM)
- Cloud Security
- Mobile vs. Web Security
- IoT & OT Security
- Application Security
- Email security
This sector is populated by a spectrum of players. Startups are agile, often specializing in niche areas such as applications security, cloud security or semi-automated GRC. They innovate rapidly, adapting to the local market's needs and challenges. On the other end, multinational corporations (Crowdstrike, Splunk, Fortinet, Datadog etc.) bring global and modular solutions through a platform approach, offering comprehensive cybersecurity suites that promise scalability and integration across business functions. In between, there are established Mexican cybersecurity firms that have grown with the market, Managed Security Service Providers (MSSPs), understanding its idiosyncrasies and developing tailored solutions that resonate with local businesses. These firms often bridge the gap between international best practices and domestic realities, offering a blend of products and services that cater primarily to the enterprise market (due to the broader focus of global solution providers on that segment).
All these firms often adopt either a blue team (defensive cybersecurity), red team (offensive cybersecurity) and/or GRC (mainly security information compliance) approach in their value offering. The blue team focuses on continuous defense, working to safeguard systems and networks by implementing security measures, monitoring for vulnerabilities, and responding to incidents. They act as the "good guys" who aim to protect against cyber threats. On the other hand, the red team takes an offensive stance, simulating cyberattacks to identify weaknesses in a system's defenses. The red team's goal is to mimic the tactics of real adversaries, providing a proactive assessment of security vulnerabilities. Together, these approaches create a comprehensive cybersecurity strategy that combines proactive defense (blue team) with simulated attack scenarios (red team) to strengthen a company's overall security posture.
As end customers increasingly demand security information compliance (GRC) in response to the adoption of security frameworks such as ISO 27001 and NIST, coupled with data privacy regulations, vendors also play a crucial role in bridging the gap. They offer training and awareness tools to assist customers in meeting regulatory and certification standards through automated solutions (startups) or consulting processes (MSSP).
The LATAM Cybersecurity Startup scene:
- Bayonet: Anti-fraud service focused ecommerce and payment providers operating in Mexico and Colombia
- Trully: Mexican identity theft protection and KYC solution focused on reducing identity fraud
- Incode: Mexican identity verification & biometric authentication platform
- Strike: Uruguayan provider of continuous pentesting solutions
- Hackmetrix: Chilean offensive security and compliance start-up that provides semi-automated compliance tools as well as ethical hacking services
- MetabaseQ: Mexican cybersecurity start-up providing security operations center (SOC), cloud security and offensive (APT) security solutions
- Kriptos: Ecuadorian startup providing GRC software for identifying and classifying sensitive documents following regulatory requirements
- Octapus: Cybersecurity and cloud data management platform that provides an all-in-one cybersecurity (offensive/defensive) and data sovereignty offering with presence in Mexico and Colombia
Regulatory Environment
While Mexico is still discussing the initiative to pass its first cybersecurity law presented in 2023, the country´s cybersecurity regulatory environment is shaped by both national laws and international agreements. The domestic laws include the Federal Law on Protection of Personal Data Held by Individuals (LFPDPPP) and regulations from the National Institute of Transparency, Access to Information and Protection of Personal Data (INAI). These laws provide guidelines for data protection, requiring companies to implement robust security measures, conduct risk assessments, and promptly report any data breaches. In addition, the Fintech Law and complementary directives (e.g. art. 328 CNBV, A52), impulse the compliance to stronger data sovereignty framework, to avoid the exposure of sensitive local data (e.g. consumer data, financial data, government info) to the US Cloud Act, which compels US cloud infrastructure provider to disclose data that is in that provider’s custody regardless of where the data is located in the US.
Adhering to these regulations can pose operational challenges, especially for small and medium-sized enterprises (SMEs). Meeting these regulatory requirements often necessitates significant investments in technology and staff training. The complexity of these regulations can also increase operational burdens, requiring dedicated efforts to maintain compliance.
Technology and Innovation
Cybersecurity technology is witnessing rapid advancements in predictive analytics, threat intelligence, and incident response becoming increasingly sophisticated. Predictive analytics are being leveraged to anticipate potential threats by analyzing patterns and anomalies in large datasets, allowing organizations to preemptively strengthen their defenses. Threat intelligence platforms have become more complex, collecting and correlating data from a myriad of sources to provide actionable insights, enhancing the ability to respond to emerging threats swiftly and effectively.
Academic institutions in Mexico are at the forefront of research, delving into cutting-edge cybersecurity topics and developing new technologies. These institutions often partner with industry leaders to translate theoretical knowledge into practical solutions. This synergy is further enhanced by government initiatives that provide both the framework for security innovation and the support necessary to foster an environment conducive to research and development.
Through such partnerships, Mexico is cultivating a vibrant ecosystem in cybersecurity. These collaborative efforts are essential in developing home-grown cybersecurity solutions that are tailored to the specific threats and challenges faced by Mexican enterprises and the public sector. This not only puts Mexico on the map as a hub for cybersecurity innovation but also ensures that the nation's cyber infrastructure is robust, resilient, and capable of withstanding the threats of the digital age.
The recent trend of ‘Nearshoring’ will be very sensitive to the capacity of Mexico's infrastructure to offer the security and resilience needed to support critical operations. Experts are already witnessing an increase in cyber threats to national companies and are expecting a significant increase in the coming years.
Investment and Funding
While we assess the investment in cyber startups in 2023 to only 13 million USD, distributed across four startups between seed and series A, we know that it is a sector closely followed by investors and VC investment in the space, and is expected to grow rapidly due to the fast-growth of the industry. In the last 3 years, some noteworthy funding rounds have underscored the confidence investors have in Mexico's cybersecurity market, such as InCode´s USD 221m series B. There have been several high-profile investments and partnerships, which not only inject capital but also expertise into the sector. This influx of funding is helping to shape the market, allowing companies to scale their operations, expand into new service areas, and innovate in response to the evolving threat landscape.
Challenges and Opportunities
Mexico's cybersecurity sector faces significant challenges, with the foremost being the cybersecurity skills gap. The rapid pace of technological change and the increasing sophistication of cyber threats demand a workforce with advanced and up-to-date skills. Unfortunately, there is a shortfall in qualified cybersecurity professionals, estimated at 400,000, which leaves organizations vulnerable. This gap is exacerbated by the need for more robust cybersecurity and data sovereignty infrastructure. Many companies struggle with outdated systems and networks that are ill-equipped to fend off modern cyber threats, necessitating substantial investment in infrastructure upgrades.
Yet, within these challenges lie significant opportunities. The skills gap has spurred initiatives in education and professional development, with universities and private institutions expanding their cybersecurity programs. This focus on education aims not only to equip new entrants to the workforce with necessary skills but also to provide current professionals with ongoing training. Additionally, the need for infrastructure improvements presents a fertile ground for solution providers. New and existing cybersecurity firms have the opportunity to introduce innovative products and services tailored to the Mexican market.
Conclusion
As Mexico stands at the crossroads of digital transformation, its cybersecurity market needs to follow suit to offer a safe and strong environment ripe for growth. The confluence of increased digital adoption across various sectors, like e-commerce, financial technology, and healthcare, has set the stage for a burgeoning cybersecurity ecosystem. This potential for growth is attracting attention from around the globe, with investors and experts eyeing Mexico as a land of opportunities.
