Skarp
Chile’s Cybersecurity Framework Law and Essential ICT Service Operators
This course explains how Chile’s Cybersecurity Framework Law (Law No. 21.663) regulates ICT and digital service providers that are considered essential service providers and operators of vital importance. You will learn the legal definitions, obligations, governance model, and practical compliance implications for ICT service providers supporting critical services.
Course Content
9 modules · 1h 50m total
From Policy to Law: Overview of Chile’s Cybersecurity Framework
Introduces Chile’s Cybersecurity Framework Law (Law No. 21.663), its objectives, scope, and why it matters for ICT and digital service providers that support critical services.
Essential Services in Chile’s Cybersecurity Law
Defines what counts as an essential service under the law and highlights where ICT, telecommunications, digital infrastructure, and managed IT services fit in.
Operators of Vital Importance: Qualification and Criteria
Explains how essential service providers are classified as Operators of Vital Importance (OVI/OIV), including the specific criteria and procedure led by ANCI.
Governance and Institutions: ANCI, CSIRTs, and Sectoral Authorities
Describes the institutional architecture created by the law, focusing on ANCI’s regulatory and supervisory role over essential ICT and digital service operators.
General Cybersecurity Duties for Essential and OVI Operators
Covers the general cybersecurity obligations that apply to all institutions subject to the law, including ICT service providers that are essential or OVI.
Specific Obligations for Operators of Vital Importance
Zooms in on the additional, stricter obligations that apply specifically to Operators of Vital Importance, with emphasis on ICT-heavy environments.
Incident Management and Reporting for Essential ICT Operators
Details how essential service and OVI operators, including ICT and digital service providers, must detect, report, and respond to cybersecurity incidents under the law.
Supervision, Sanctions, and Enforcement Risks
Explores how ANCI and sectoral authorities supervise compliance, the types of sanctions available, and what this means practically for ICT service providers supporting essential services.
Practical Implications for ICT and Managed Service Providers
Synthesizes the legal framework into concrete implications and action points for ICT, telecommunications, cloud, and managed service providers that may be classified as essential or OVI.
Read the Textbook
Read every chapter for free, right here in your browser.
### Big Picture
Chile has moved from **high-level cybersecurity policy** to a **binding legal framework**.
- **National Cybersecurity Policy 2023–2028**: sets the *strategy* and *priorities*. - **Cybersecurity Framework Law – Law No. 21.663**: sets **concrete, enforceable rules**.