Costa Rica is all but new on the world map of countries that took digital transformation as a priority. Over there, in Central America, this relatively small nation started investing in digital-related development and education already more than 20 years ago. Almost similarly to Estonia – and as similarly, they have come to create a crisis-proof digital society.
Jorge Mora Flores, now an expert consultant and account manager in cybersecurity, is the former Director of Digital Governance in Costa Rica. In a podcast episode bridging across the ocean, he raises the curtains over the digital path of the country, and how resilience remains in focus after two decades of development.
Not to miss at the 2023 e-Governance Conference: “Crisis-proofing the digital society”, May 31. Hosted by Merle Maigre, eGA’s Programme Director on Cybersecurity, Flores will join the Ministry of Defence from Montenegro Denisa Kurtagic to discuss preparedness and response in the face of cyber crises.
Twenty years of change in Costa Rica, and counting
The digital story of Costa Rica begins in the early 2000s, with the creation of a dedicated unit as part of the office of the Presidency of the Republic. 2002 sees the country’s very first digital policy papers come to life, followed by rapid developments in interconnecting financial institutions and the government, to jointly create and provide services for citizens.
The country is also among those that pioneered digital signature in this geopolitical area, as soon as 2005 – an early stage for innovation in the region. Through service development and the formulation of the nation’s first holistic digital transformation strategy in 2018, Costa Rica managed to gain membership in the OECD too, in May 2021. Today, the country keeps innovating in banking, digital identity, healthcare.
But what Flores cares to emphasize, within this journey, is the role of budgeting and education. “Costa Rica abolished its army in December 1948, and all the military budget was allocated to education instead. I think this is very important because I do believe that investing in education is the key to effective digital transformation. It allows us to understand how to use technology better, safer, and it is key to building a culture of cybersecurity too,” Flores highlights.
The 2022 crisis – threats that move fast
It is self-evident the rise in cyber threats we all have witnessed in the past seven to ten years. These are so widespread, that not even Costa Rica has been spared by cyberattacks and the attention of cyber criminal gangs. “In April 2022, the whole government suffered a cyberattack that started from the Ministry of Economics. It’s important to highlight it because under its competence fall many digital services. Then, it spread to other government ministries too,” Flores says.
But that experience, as often after trauma, brought many lessons learned. First of all, in terms of awareness: “Digital transformation is a reality, we are constantly connected and interconnected through various devices. As a consequence, gangs [and malicious actors] change their attacking techniques, and the threats to look out for are now in cyberspace,” Flores points out.
“Right now, the challenge is to shift cybersecurity to a transversal matter, of interest to all national institutions.” In order to do that, next to the public-private national cybersecurity cluster created three years ago, the country’s Congress is working on drafting a cybersecurity law.
Through increasing the exchange of information across government agencies, and sharing key points on threats and response mechanisms, the end goal is to improve collaboration across institutions and prevent future instances of contagion.
Resilience and education in cybersecurity, in Costa Rica and beyond
Costa Rica keeps education in high regard, as the decision to allocate the budget for the military entirely to that sector testifies. True, it is something that other countries – as we have seen in the past year of war in Ukraine, especially – cannot often afford to do. But the link between investments in education and digital development is clear. “In universities, we have created the first cybersecurity formal study programmes. Programmes that can be found in the best technical schools too, as well as in technical high schools,” Flores says.
But Flores believes the country can go further. “The challenge is how to create such a culture of digital, and as a consequence cybersecurity too, from the very first levels of education. In my opinion, it’s not something to develop once adult age is reached, but that needs to start much, much earlier in life.”
Interested in more? Find out more on the official website of the 2023 e-Governance Conference. And whether in person or online, join us to build better and more inclusive digital societies! Together.