80. Bolivia 28.57

80th National Cyber Security Index
133rd Global Cybersecurity Index
112th ICT Development Index
111th Networked Readiness Index
Population 11.0million
Area (km2) 1.1million
GDP per capita ($) 7.9thousand
NCSI FULFILMENT PERCENTAGE
NCSI Update Data source
26 Oct 2018 Public data collection
NCSI DEVELOPMENT TIMELINE 3 years All data

Version 26 Oct 2018

GENERAL CYBER SECURITY INDICATORS
BASELINE CYBER SECURITY INDICATORS
  • 5. Protection of digital services 0/5 0%
    0
    5 0%
    • 5.1. Cyber security responsibility for digital service providers 0
      0
      1
      Requirements
      Criteria

      According to legislation, digital service providers (except micro and small enterprises): (1) must manage cyber/ICT risks or (2) must implement established cyber/information security requirements.

      Accepted references

      Legal act

      Evidence
    • 5.2. Cyber security standard for the public sector 0
      0
      1
      Requirements
      Criteria

      Public sector digital service providers must implement (1) cyber/ICT security requirements (defined by legislation) or (2) a widely recognised security standard.

      Accepted references

      Legal act

      Evidence
    • 5.3. Competent supervisory authority 0
      0
      3
      Requirements
      Criteria

      The government has a competent authority in the field of cyber/information security that has the power to supervise public and private digital service providers regarding the implementation of cyber/information security requirements.

      Accepted references

      Official website or legal act

      Evidence
  • 6. Protection of essential services 0/6 0%
    0
    6 0%
    • 6.1. Operators of essential services are identified 0
      0
      1
      Requirements
      Criteria

      There is a legal act that allows to identify operators of essential services.

      Accepted references

      Legal act

      Evidence
    • 6.2. Cyber security requirements for operators of essential services 0
      0
      1
      Requirements
      Criteria

      According to the legislation, operators of essential services must manage cyber/ICT risks.

      Accepted references

      Legal act

      Evidence
    • 6.3. Competent supervisory authority 0
      0
      3
      Requirements
      Criteria

      The government has a competent authority in the field of cyber/information security that has the power to supervise operators of essential services, regarding cyber/information security requirements.

      Accepted references

      Official website or legal act

      Evidence
    • 6.4. Regular monitoring of security measures 0
      0
      1
      Requirements
      Criteria

      Operators of essential services must regularly (at least once every 3 years) provide evidence of the effective implementation of cyber/information security policies (e.g. audit result, documentation, specific report).

      Accepted references

      Legal act

      Evidence
  • 7. E-identification and trust services 2/9 22%
    2
    9 22%
    • 7.1. Unique persistent identifier 1
      1
      1
      Requirements
      Criteria

      The government provides a unique persistent identifier to all citizens, residents, and legal entities. For example, the identifier remains the same after document expiration and name change.

      Accepted references

      Legal act

      Evidence

      ID Card Number 

      Law N. 145, of June 27th, 2011, Law of the Personal Identification General Service and of the Driving Licenses General Service

      Article 17. ID Card (Cedula de Identidad)
      I. The ID Card – C.I., is the public, individual, unique and non-transferable document, which accredits the identification of Bolivians, individualizing them from the rest of the residents and inhabitants of the Plurinational State of Bolivia, opposable and valid in the territorial jurisdiction. Likewise, it will be valid in other states with which the Plurinational State of Bolivia has valid reciprocity agreements.


      Directory Normative Resolution Nº 10-0013-03

      The unique key NIT (Tax Identification Number) will allow to unequivocally identify taxpayers and will be composed according to the cases, as follows:

      (a) For individuals, owners of unipersonal companies and undivided estates, the identity card number plus control codes assigned by the Tax Administration.

      (b) For legal entities, foreigners, natural persons with RUN and owners of sole proprietorships with RUN, by a number and control codes granted by the Tax Administration.

    • 7.2. Requirements for cryptosystems 0
      0
      1
      Requirements
      Criteria

      Requirements for cryptosystems in the field of trust services are regulated.

      Accepted references

      Legal act

      Evidence
    • 7.3. Electronic identification 0
      0
      1
      Requirements
      Criteria

      Electronic identification is regulated.

      Accepted references

      Legal act

      Evidence
    • 7.4. Electronic signature 1
      1
      1
      Requirements
      Criteria

      E-signature is regulated

      Accepted references

      Legal act

      Evidence

      Law N. 164, of August 8th, 2011, General Law of Telecommunications, Information and Communication Technologies

      Title I – Article 6 (Definitions) – Section IV: About Digital Signature and Documents – Point 5.

      Title IV – Third Chapter – Article 78, 84


      Supreme Decree 1793, of November 13th, 2013, regulation for the Development of Information and communication Technologies

      Title I – First Chapter – Article 3 (Definitions) – Section III: about Digital Signatures and Certificates

      Title IV: Digital Certificate and Signature and Certifying Entities – Articles 33, 35, 36

    • 7.5. Timestamping 0
      0
      1
      Requirements
      Criteria

      Timestamping is regulated.

      Accepted references

      Legal act

      Evidence
    • 7.6. Electronic registered delivery service 0
      0
      1
      Requirements
      Criteria

      Electronic registered delivery service between state entities, citizens and private sector entities is regulated. The service provides legally binding data exchange and guarantees the confidentiality and integrity of information.

      Accepted references

      Legal act

      Evidence
    • 7.7. Competent supervisory authority 0
      0
      3
      Requirements
      Criteria

      There is an authority responsible for the supervision of qualified trust service providers.

      Accepted references

      Official website or legal act

      Evidence
  • 8. Protection of personal data 0/4 0%
    0
    4 0%
INCIDENT AND CRISIS MANAGEMENT INDICATORS

CONTRIBUTORS