Use of Basic Cybersecurity Measures Exposes Mexican Firms

Twenty five percent of large companies and 11% of startups in Mexico report daily cyberattacks, yet 41% of organizations continue to protect data using simple passwords. While 65% of regional entities claim to feel prepared, most perform minimal investments and rely on reactive defense measures, creating a false sense of security that threatens economic development and digital trust.

Ricardo Amper, Founder and CEO, Incode Technologies, says that the reliance on alphanumeric passwords is insufficient to achieve a responsible digital transformation. To address these vulnerabilities, Amper emphasizes that it is indispensable to adopt multi-factor authentication (MFA) to ensure that every individual possesses a unique, privacy-centered identity.

The study "Cybersecurity, Enabler of Confidence and Competitiveness," which was developed by Incode and Endeavor, reveals a concerning trend across Latin America. Although over half of the organizations in the region express confidence in their readiness, their actions remain strictly defensive rather than strategic. This reactive posture prevents cybersecurity from becoming a fundamental pillar for corporate growth and economic stability in the digital era.

In Mexico, large enterprises face a constant barrage of threats, yet the persistence of traditional passwords suggests a significant gap between the sophistication of attackers and the protocols of defenders. To mitigate these risks, industry experts recommend a transition toward cyber resilience rather than simple defense. This approach requires companies to integrate security as a continuous business process that is aligned with corporate strategy and organizational culture. Technical implementation must move beyond periodic password changes to incorporate advanced monitoring and defensive AI.

Events such as Safer Internet Day, observed on Feb. 10, serve as critical periods for corporations to reassess their digital infrastructure. Without a shift in perspective, the "false sense" of protection will continue to leave sensitive data exposed to exploitation.

Defensive AI tools are crucial to identify vulnerabilities in a timely manner, manage third-party risks, and improve the speed of incident response. These technologies are particularly important to counter emerging threats, such as deepfakes and Generative AI attacks. Incode Technologies, which seeks a valuation of US$3 billion, uses AI and machine learning to automate identity verification and prevent fraud.

Furthermore, the human factor remains the primary risk in any security architecture. Organizations must provide frequent training to all personnel to reduce the likelihood of successful social engineering or operational errors. Iñigo Castillo, General Manager for Latin America, Incode, says that internal strategies must also be integrated with those of external partners and allies. This intersectoral cooperation is necessary to elevate the overall level of cyber maturity and secure the digital assets of Mexican companies.

As the digital landscape evolves, the adoption of proprietary, automated technology and identity verification will become a standard requirement for high-regulated sectors such as financial services, government, healthcare, and retail.