Cybersecurity in Cuba 2026 Marked by the Use of AI

While it’s true that Artificial Intelligence (AI) is playing a key role in achieving greater efficiency in production processes, services, and knowledge management, this technology allows cybercriminals to process, store, and analyze large volumes of information, increasing the possibilities of leaks, misuse, and the exposure of critical information, which generates threats for state institutions, companies, and individuals.

AI tools, used in conversational assistants, support services, and business solutions, rely on large volumes of data to train their algorithms and refine their results. If confidential information is entered into these systems without adequate safeguards, the possibility of it being leaked and falling into the hands of cybercriminals is high.

On top of these risks are the possibilities that AI offers for carrying out sophisticated attacks, through tools designed to refine phishing attacks [attacks that use social engineering and technical resources to steal consumer identity credentials. The term phishing comes from the English word "fishing," alluding to users (victims) "taking the bait" and giving away their login credentials.], automate malware creation, and perform automated social engineering tasks.

Artificial Intelligence is incorporating levels of information and knowledge previously impossible for a human being to acquire. Generative AI uses multiple communication language models, trained to understand what is asked and provide answers at high speed, based on information from consulted databases. These databases may contain errors, forcing the recipient of the information to verify the result. Furthermore, we may receive the product of this process without knowing the chain of reasoning and knowledge that led to a conclusion, creating a dependence on these technologies.

Several nations have implemented AI-related legislative and policy initiatives, although some developed countries are reluctant to establish an international regulatory framework to prevent its harmful use.

International organizations within the United Nations framework are taking steps toward reaching multilateral agreements. Such is the case of the UNESCO Recommendation on the Ethics of Artificial Intelligence, adopted in November 2021 by all member states, the first intergovernmental agreement of its kind.

In Cuba, the Council of Ministers approved the Strategy for the Development of Artificial Intelligence in May 2024, which forms part of the Digital Transformation Policy. This strategy outlines the general and specific objectives for promoting the development, distribution, and safe and responsible use of AI.

The conditions exist to develop and use AI as a key component of the country's socio-economic development and cybersecurity, given the availability of trained human resources with experience in scientific work and in developing practical applications for various social and economic sectors, including cybersecurity.

The strategy clarifies that the implementing entities Companies that develop AI products and solutions must establish control mechanisms over the reliability and security of their data and algorithms, paying particular attention to data privacy and training sources.

Given this scenario, a multidimensional and dynamic approach to data protection is essential, prioritizing the establishment of legal provisions for the ethical and responsible use of AI.

As a matter of policy, the use of personal or confidential data for model training should be avoided, meaning that only the information absolutely necessary for the task at hand should be used.

When the inclusion of sensitive data is unavoidable, it’s advisable to use techniques and methods that hinder its traceability, such as masking, which partially modifies the original values to make them unreadable; replacing them with reversible artificial identifiers; replacing names with neutral labels; deliberately altering certain dates; or removing confidential fields from databases.

Periodic inspections of vital infrastructure will allow for the continuous monitoring of AI systems and the identification and correction of incidents that could expose thousands of confidential data points.

Training and the exchange of best practices in cybersecurity will be essential, as will international cooperation with priority countries, strengthening participation in multilateral and bilateral seminars, technology transfer, investments, and international services.

Translated by Amilkal Labañino / CubaSí Translation Staff