World Cup 2026: An Early Cybersecurity Test for Mexico's National Plan
Mexico's recently adopted National Cybersecurity Plan 2025-2030 faces an early and significant test with the co-hosting of the **FIFA World Cup 2026**. Experts warn that the global event creates a 'target-rich environment' for a spectrum of cyber threats, scrutinizing the nation's nascent cybersecurity capabilities and its ability to implement its new strategic framework.

Seven months after its adoption, Mexico's **Plan Nacional de Ciberseguridad 2025-2030** (National Cybersecurity Plan) is undergoing its first major real-world stress test: the **FIFA World Cup 2026**. With three stadiums in Mexico serving as venues, the tournament is highlighting the nation's progress and lingering gaps in its digital defenses.
Drafted by the **Agencia de TransformaciΓ³n Digital y Telecomunicaciones (ATDT)**, Mexico's Digital Transformation and Telecommunications Agency, the plan aims to modernize federal legislation and bolster government cybersecurity infrastructure. Key objectives for the current year include establishing a National Cybersecurity Strategy, creating a National Cybersecurity Center to track threats, and fostering greater collaboration among government, private industry, and academic cybersecurity professionals, according to a June 25 analysis by threat intelligence firm **Recorded Future**.
### Elevated Cyber Risk for a Global Event
**Recorded Future**'s report underscores the heightened cyber risk surrounding the tournament. "Cyber risk around the tournament is likely to be elevated, as the event creates a target-rich environment for ransomware groups, hacktivists, fraud actors, credential thieves, and disinformation networks seeking financial gain or disruption," the firm stated. Any significant cyber incident during the event could profoundly impact public perception and draw international attention to Mexico's cybersecurity posture.
Prior to the World Cup, **Recorded Future** rated the digital-security risk for Mexican organizations as "medium." However, various cybersecurity firms have reported an increase in cyberattacks both leading up to and during the tournament. This year, Mexico has already faced significant incidents, including a purported massive data leak and an AI-fueled attack targeting nine government agencies that harvested data but failed to breach operational-technology (OT) systems.
### Mexico (and Latin America) Under Attack
To secure the three host cities, the Mexican government launched the "**KukulkΓ‘n Plan**." This comprehensive security initiative involves international cooperation mechanisms, information sharing with the U.S., Canada, and **FIFA**, and specialized training for officials. The government has also conducted risk-management exercises and reinforced security measures around stadiums and other key visitor locations.
Mexico's National Cybersecurity Plan is a long-term document designed to address the country's historical lack of specific cybersecurity legislation, aiming to build a more robust digital security strategy and cultivate the necessary infrastructure and culture for improved detection and response capabilities.
"The plan comes at a crucial time for cybersecurity in Mexico, after several high-profile cyber incidents that have highlighted the need for greater resilience and coordination," **Recorded Future** noted. "These incidents show that Mexico's cyber risks are not limited to a single agency or sector, and that a fragmented, uncoordinated national response capacity can leave public institutions vulnerable to data theft, service disruptions, ransomware, and reputational damage."

Despite this positive step, the plan currently lacks an adequate strategy for securing operational technology and supply chains, according to JosΓ© Felipe Otero, an adjunct professor at New York University and an expert on Latin American telecom infrastructure. In his analysis of the plan, Otero points out, "Even though the plan identifies interdependencies as a global challenge, it does not outline concrete measures to assess third-party risks, implement software bills of materials (SBOMs), or require minimum controls from technology providers." He also highlighted the limited focus on small and medium-sized enterprises (SMEs), which are vital to the national economy and global supply chains.
### The Region Sees More Cyberattacks
Mexico's current federal cybersecurity regulations are a complex mosaic of laws and jurisdictions, as detailed by Mexican financial consultancy **Nader Hayaux & Goebel**. While several cybersecurity law proposals have been submitted to Congress, none have yet been enacted.
"Given the increasing frequency and sophistication of cyber threats, there is a growing need for a comprehensive cybersecurity law that establishes clear regulations and penalties for cyber-related offenses," the firm's analysis stated.
Mexico's experience mirrors a broader trend across Latin America, which has seen a significant 13% year-over-year surge in weekly attacks per organization, reaching nearly 3,150 per week in May. In response, **Recorded Future** advises organizations in Mexico to enhance threat detection, prioritize visibility, and strengthen incident response planning. "They should also train staff and the public on basic cyber safety, with an emphasis on building a practical understanding of how to respond quickly and effectively when incidents occur."