Recent Events at UNAM and Federal Departments Highlight Cybersecurity Concerns
Mexico began 2026 with two alarming incidents that have brought cybersecurity to the forefront of national concerns. The National Autonomous University of Mexico (UNAM) reported an unauthorized intrusion into five of its over 100,000 computer systems during the holiday period, which led to the disabling of affected systems following the activation of institutional protocols.
In federal government departments, the Anti-Corruption and Good Governance Secretariat initiated an investigation into a potential security breach involving personal data held by public institutions. The investigation considers hypotheses such as hacking, misuse of credentials, or internal leaks.
The Role of Artificial Intelligence in Cybersecurity
According to the World Economic Forum’s (WEF) Global Cybersecurity Outlook 2026, the cybersecurity landscape in 2026 is marked by growing threats, geopolitical fragmentation, and an expanding technological gap. The document warns that artificial intelligence (AI) is altering the game on both sides, as it strengthens defenses while enabling more sophisticated attacks. Meanwhile, governance frameworks and human capabilities are advancing at a slower pace than the development and use of this technology.
The WEF report indicates that 94% of respondents anticipate AI as the most significant change factor in cybersecurity over the next 12 months. However, only 64% of organizations have processes to assess the security of AI tools before deployment, up from 37% in 2025.
The report explains why this control has become essential, as 87% of respondents identified AI-related vulnerabilities as the fastest-growing cybersecurity risk in 2026. Data breach concerns associated with generative AI are among the most frequently cited issues by executives, alongside adversary capability advancements.
Operational Challenges Hinder Cybersecurity Resilience
The WEF identifies recurring obstacles that hinder an organization’s ability to become resilient against cyberattacks and data breaches. Among the top three challenges reported in their survey are rapidly changing threat and technology landscapes (61%), third-party vulnerabilities and supply chain issues (46%), and skill and experience shortages (45%).
This issue is particularly pertinent to Mexico, as cybersecurity efforts in 2026 are shifting from prevention to operation—continuous monitoring, incident response, evidence preservation, recovery, and traceability.
Institutional Capabilities and Standardization in Mexico
The Organization of American States (OAS), the Inter-American Development Bank (BID), and the University of Oxford’s Global Cyber Security Capacity Centre (GCSCC) published the 2025 Latin America and Caribbean Cybersecurity Report, highlighting similar tensions in institutional capabilities.
The report acknowledges existing forensic resources that demonstrate technical capability but warns of the need for greater standardization and institutionalization to achieve consistent results. Digital evidence handling and computer crime investigation training for police, investigators, experts, and judicial personnel is not systematic. Instead, it often relies on isolated, occasional, or unequal training across institutions.
This gap becomes critical when incidents involve personal data or essential services. Without consistent procedures for evidence preservation and analysis, cases become challenging to close, despite Mexico’s formal progress with coordination and standards among institutions.
The same regional report provides specific details about Mexico’s institutional arrangement. It mentions the establishment of the Agency for Digital Transformation and Telecommunications in 2025, which has responsibilities related to cybersecurity policies.
The report also describes the Interministerial Commission for Information and Security Technologies as coordinating federal cybersecurity policies in public administration. It identifies CERT-MX, managed by the National Guard, as the national incident response center and point of contact for national and international coordination.
The report documents efforts in cybersecurity culture and preparedness, including national campaigns like the National Cybersecurity Week with standardized incident management workshops. In terms of practices, it notes progress in voluntary adoption of standards such as the NIST Cybersecurity Framework and ISO IEC 27001.
The document also describes a digitalization goal for administrative procedures driven by the ATDT, aiming to digitize 80% of procedures and reduce waiting times. It references CERT-MX-led exercises to strengthen resilience.
UNAM described an incident with limited impact on the number of systems and immediate containment actions, while the federal government detailed a case focusing on personal data bases held by public institutions and three typical compromise routes: hacking, credential theft, and internal leaks.
Both cases connect to the core issues highlighted by the WEF and OAS reports for 2026: an AI-accelerated, digitally enabled fraud environment with talent shortages and the need for consistent processes to respond, investigate, and correct vulnerabilities.
