Municipal Cybersecurity on the Edge: The New Frontier of Binational Governance
- Editorial
- Jul 4
- 3 min read
For years, the digitalization of local governments in Mexico and the United States has been hailed as a symbol of efficiency and transparency. However, 2024 marked a turning point: cyberattacks targeting municipalities, city halls, and local agencies increased by 38% across North America, disrupting everything from property tax systems to citizen service platforms. Cybersecurity is no longer a technical concern — it has become a matter of governance, digital sovereignty, and the protection of fundamental rights.
In the United States, over 300 local governments reported ransomware incidents in 2024, according to the Center for Internet Security, with estimated losses exceeding $320 million, factoring in ransom payments, recovery efforts, and reputational damage. Mid-sized cities like Pensacola (Florida), Lowell (Massachusetts), and several cities in Southern California experienced massive system lockdowns that paralyzed services such as permit issuance, payroll, and emergency alerts.
Mexico was no exception. A report by the National Autonomous University of Mexico (UNAM) and the Secretariat of Security and Citizen Protection revealed that at least 40 municipalities in Jalisco, Baja California, and the State of Mexico suffered attempted system breaches in 2024. The case of Hermosillo stood out: following a cyberattack in September, personal data from more than 150,000 taxpayers were compromised, sparking a legislative debate that remains unresolved.
Despite these warning signs, average investment in cybersecurity remains minimal. In Mexico, less than 0.5% of municipal budgets are allocated to digital protection. In the U.S., the average rises to 1.4%, but there’s a striking disparity between large cities and rural communities. According to the Brookings Institution, only 29% of U.S. local governments have a designated cybersecurity officer. In Mexico, this role is virtually nonexistent.
On the academic front, institutions like ITESM, UNAM, and the University of California, San Diego have begun to offer training programs for public officials, including diplomas and certifications in public cybersecurity. Yet training remains reactive rather than preventive. In 2024, fewer than 12% of municipal officials in Mexico received formal education in data protection or cyber risk management.
Binational cooperation in this area remains limited. The U.S.-Mexico Cyber Dialogue, launched in 2022, has made modest progress, primarily at the federal level and in digital customs coordination, but has yet to reach the municipal level. The lack of standardized protocols and low system interoperability hampers coordinated regional responses to cross-border threats such as identity theft and digital infrastructure hijacking.
Looking ahead to 2025, the main challenge is not only technical but also political and budgetary. Cybersecurity must stop being seen as an expense and start being treated as a strategic investment in institutional stability. Local governments in both countries must incorporate digital audits into their development plans, strengthen cloud storage systems under international standards, and prioritize personal data protection as part of citizens' right to privacy.
The coming year also presents a window of opportunity. With local elections in over 20 Mexican states and federal elections in the U.S., the risks of digital manipulation, disinformation, and electoral hacking are increasing. Municipalities must shield themselves not only from technical cyberattacks but also from disinformation campaigns designed to undermine public trust.
In this context, strengthening municipal cybersecurity is not optional — it is a democratic imperative. What’s needed is a binational public policy approach that recognizes cybersecurity as a pillar of institutional resilience, one that brings together universities, the private sector, digital rights organizations, and local governments. Without such a framework, the costs will not only be economic but political: a loss of public trust, weakened public services, and constant exposure to threats that recognize no borders.
Written by: Editorial
Comments