El Salvador New Cybersecurity Policy

On May 13, 2022 the government of El Salvador published Executive Order Number 163, establishing guidelines to prevent and manage cybersecurity risk.  The Executive Order, named Cybersecurity Policy of El Salvador (Politica de Ciberseguridad de El Salvador), lays out criteria to develop cybersecurity capacities aimed to protect critical infrastructure, strengthen response mechanisms, and develop the technical and administration skills, so that the public and private institutions in El Salvador as well as citizens are aware of cybersecurity and risks related to the use of information technologies.  

The policy also includes specific objectives, including: the creation of an entity to coordinate cybersecurity efforts; the promotion of educational campaigns to raise awareness; the adoption of good practices and the creation of specialized protection centers; the analysis of the current laws to promote the creation of a wide-ranging legal framework and the training needed within the judicial sector to investigate and prosecute cybercrimes; also, encourages risk assessment as the method to reduce cyber incidents; and promotes international cooperation through technical assistance and collaboration with international organizations and friendly countries. 

The policy will be implemented by all entities within the executive branch.  It is also strongly encouraged to be implemented by official institutions, autonomous and private, that manage strategic assets of critical infrastructure within the country which are exposed to cyberthreats and have a relationship with public institutions.  

A copy of the Executive Order Number 163 is available in El Salvador Official Gazette, (date of publication: May 13, 2022)

For more information, contact the U.S. Commercial Service Office in San Salvador at office.sansalvador@trade.gov.