Countries in Latin America and the Caribbean have made notable advances in strengthening their cybersecurity capacity, yet significant gaps persist in resources, workforce development, and cross-sector coordination, leaving the region exposed to evolving digital threats, according to the 2025 Cybersecurity Report by the Inter-American Development Bank (IDB) and the Organization of American States (OAS). The report offers a decade-long view of the region’s cybersecurity evolution and provides the most comprehensive assessment to date across 30 countries. Developed in partnership with the Global Cyber Security Capacity Centre at the University of Oxford, it benchmarks national capacities using the Cybersecurity Capacity Maturity Model for Nations (CMM), allowing comparisons over time and between countries.
The report assesses cybersecurity maturity across five key dimensions: policy and strategy, culture and society, education, training and skills, legal and regulatory frameworks, and technology and standards. Data collected from OAS member states highlights progress from 2020 to 2025 and identifies remaining gaps. Paula Acosta, Chief of the Institutional Capacity of State Division at the IDB, emphasized that while progress has been made, investment in cybersecurity, cross-sector collaboration, and operational capabilities must accelerate to manage rising digital risks effectively.
Findings indicate steady regional improvement and a narrowing maturity gap between countries, reflecting more balanced development. However, critical areas such as software quality, protection of critical infrastructure, the cybersecurity marketplace, and investment in research and innovation remain underdeveloped. Adoption of cyber insurance is also limited. The report underscores the growing impact of artificial intelligence on the threat landscape, calling for updated governance, standards, and capacity-building to mitigate AI-related cybersecurity risks.
The study also highlights the importance of political leadership and absorptive capacity in advancing cybersecurity. Countries that integrate cybersecurity into broader development strategies and foster public-private partnerships are better positioned to address threats and close maturity gaps. Iván Marques, OAS Secretary for Multidimensional Security, noted that cybersecurity is a collective responsibility and emphasized continued technical support and cooperation to ensure the region progresses together.
The 2025 Cybersecurity Report represents the third edition of this strategic collaboration between the OAS, IDB, and the Global Cyber Security Capacity Centre. Building on previous studies from 2016 and 2020, it provides actionable recommendations for policymakers, private sector leaders, and civil society, offering guidance to enhance cybersecurity maturity and resilience throughout Latin America and the Caribbean.
