Why the US Should Help Secure Mexican Infrastructure — and What It Gets in Return

Call it cross-border enlightened self-interest: As one of the US's premier trade partners and closest neighbors, what's bad for Mexico is bad for the US.

3 Min Read
Mexican flag
Source: richard mittleman via Alamy Stock Photo

In August 2020, the US and Mexico established a working group and conducted a first-of-its-kind dialogue regarding mutual cybersecurity concerns. While the two countries have been partnering to counter illicit drug trafficking for decades, only recently has real progress been made related to cybersecurity, as described in the State Department's recent joint statement. Given the evolving threat landscape in recent years, it is remarkable it has taken so long for this partnership to mature. What may be quicker to evolve is the private sector's reaction to this new partnership as cybersecurity service providers recognize this bilateral cooperation as a lucrative commercial opportunity.

Reliance on Cross-Border Critical Infrastructure

Perhaps the most significant strategic focus of this collaboration is the commitment to strengthening coordination and response to cyber incidents affecting critical infrastructures. Mexico and the US share interdependent economies, as well as the risk of closely related critical infrastructure. Mexico consistently ranks among the top trade partners for the US and in 2021 supplied 8% of US oil (by comparison, Saudi Arabia provided 5%), according to the US Energy Information Administration. US dependency on Mexican oil would thus, naturally, justify the protection and security of that resource as a US national security interest.

Similar to the US's own Colonial Pipeline compromise in 2021, Pemex (Mexico's state-owned petroleum company) experienced a ransom event in 2019. Fortunately, the Pemex incident did not result in the same disruption to services as the Colonial matter did. Pemex's incident does highlight that Mexico's infrastructure is a target and that it is also vulnerable. Though the Pemex incident did not make significant waves for the US, a more significant incident could cause far greater economic consequences for Mexico and the US alike.

Benefits of Closing Vulnerabilities as Trade Partners

As one of the US's premier trade partners and boundary sharing geographic neighbors, what is bad for Mexico is bad for the US. Be it in telecom, the financial sector, or any aspect of critical infrastructure and key resources, a disruption in Mexico would likely cross over and impact the US. One of the most effective and self-beneficial ways for the US to protect against this is to invest in Mexico's cybersecurity capabilities. In many cases, nation-state offensive operations view Mexico as a less secure technological gateway into targeting the US. The relatively weak cybersecurity posture in Mexico enables criminals to either exploit entities there or use compromised systems as proxies to target US entities.

Mexico is also seeing an increase in overseas factories relocating and setting up production within its borders. The Chinese in particular view this as a strategic advantage as it reduces their overall cost in shipping expenses as well as export tariffs. Chinese investment in this way will undoubtedly require additional bandwidth, expansion of IT related infrastructure, and efficient connectivity back to China. Aside from its implications to US national security, Mexico's cybersecurity capabilities and related infrastructure will need to mature to keep pace with this industrial and economic development.

With growing, increasingly complex internal cyber demands, Mexico is likely incapable of meeting these needs on its own and would benefit from able and experienced partners. US investment, both from the government and private sector, in Mexico is more a matter of investing in US interests, yielding benefits both economically and security-wise.

The US would be served well if it benchmarked the mission and vision of the Cybersecurity and Infrastructure Security Agency (CISA) and invested in Mexico's ability to "understand, manage, and reduce risk" to Mexico’s cyber and physical infrastructure. The near-term security priorities investment should be maturing capability delivery, vulnerability management, and cyber-defense education, and training. 

Additionally, forward-thinking cybersecurity vendors will undoubtedly see this opportunity as a chance to capitalize on private sector demand, and possibly government contracts as well. It should come as no surprise if the industry sees a flurry of activity around establishing capabilities and resources to serve the market in Mexico. And by treating Mexico's cybersecurity posture as important as countering illicit drugs, the US will enhance its own security in the long run.

About the Authors

Daron Hartvigsen

Managing Director, StoneTurn

Daron Hartvigsen, a managing director with StoneTurn, is a cyber threat response and pursuit expert having served both commercial and US government information security domains. He brings more than 20 years of experience in US intelligence, counterintelligence, and law enforcement, and has conducted incident response, cyber threat pursuit, law enforcement investigations, counterintelligence operations, intelligence analysis, and cyber threat degradation activities.

Daron is highly experienced in both technical and physical security, host-based computer as well as network forensics. He has led vulnerability assessment teams, and previously served as an expert for insider threat identification and mitigation activities. In his previous role, Daron led a cyber investigations practice advising clients operating in the financial services, healthcare, insurance, and retail industries. Specifically. Daron established and led the Cyber Threat Analysis and Pursuit Team (CTAPT) serving both proactive and reactive missions by assembling technical, open source, and Dark Web information into actionable information for internal and client-side needs.



Nathan Fisher

Managing Director, StoneTurn

Nathan Fisher, a managing director with StoneTurn, brings over a decade of experience investigating national security threats to the US government. As a special agent with the Federal Bureau of Investigation, Nathan conducted a vast array of complex intelligence, counterintelligence, and cyber-focused investigations and operations. In his current role, Nathan advises clients across the national security, CFIUS, and cyber spectrums.

During his nearly 12 years with the FBI, Nathan worked on sensitive intelligence collection efforts, collaborating with several other US Intelligence Community (USIC) partners. A Russian speaker, Nathan leveraged his language skills and subject matter expertise to support national security matters and inform policy. He also investigated threats posed by nation-state actors and worked with private sector and academic institutions to inform threat awareness and resolve vulnerabilities.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like


More Insights