% simiriki · M365 Security Posture Benchmark — Mexico · Q2 2026
% 31 cited sources — auto-generated from data.py

@techreport{simiriki_m365_mx_q2_2026,
  author       = {{simiriki Research}},
  title        = {Benchmark de Postura de Seguridad Microsoft 365 en M{\'e}xico},
  subtitle     = {SMB y Mid-Market · Q2 2026},
  institution  = {simiriki},
  year         = {2026},
  month        = {April},
  version      = {2026.Q2.1},
  note         = {Reproducible from PRNG seed 112704093},
  url          = {https://simiriki.com/reportes/m365-mexico-2026},
}

@techreport{msft_ddr_2024,
  author       = {{Multiple}},
  title        = {Microsoft Digital Defense Report 2024 (Microsoft Corporation, October 2024)},
  year         = {2024},
  url          = {https://www.microsoft.com/en-us/security/security-insider/microsoft-digital-defense-report-2024},
}

@misc{msft_secure_score_2024,
  author       = {{Multiple}},
  title        = {Microsoft 365 Secure Score: benchmarking your tenant (Microsoft Tech Community, 2024)},
  year         = {2024},
  url          = {https://techcommunity.microsoft.com/category/microsoft-defender},
}

@techreport{sophos_ransomware_mx_2024,
  author       = {{Multiple}},
  title        = {Sophos State of Ransomware 2024 — Mexico (Sophos, 2024)},
  year         = {2024},
  url          = {https://www.sophos.com/en-us/whitepaper/state-of-ransomware},
}

@misc{gartner_smb_2024,
  author       = {{Multiple}},
  title        = {Gartner Market Guide for SMB Security Platforms, 2024},
  year         = {2024},
  url          = {https://www.gartner.com/en},
}

@techreport{verizon_dbir_2024,
  author       = {{Multiple}},
  title        = {Verizon 2024 Data Breach Investigations Report},
  year         = {2024},
  url          = {https://www.verizon.com/business/resources/reports/dbir/},
}

@misc{mandiant_mtrends_2024,
  author       = {{Multiple}},
  title        = {Mandiant M-Trends 2024 (Google Cloud, 2024)},
  year         = {2024},
  url          = {https://services.google.com/fh/files/misc/m-trends-2024.pdf},
}

@techreport{ibm_cost_breach_2024,
  author       = {{Multiple}},
  title        = {IBM Cost of a Data Breach Report 2024 — Latin America segment},
  year         = {2024},
  url          = {https://www.ibm.com/reports/data-breach},
}

@misc{inegi_endutih_2023,
  author       = {{Multiple}},
  title        = {INEGI ENDUTIH 2023 — Encuesta Nacional sobre Disponibilidad y Uso de Tecnologías de la Información en los Hogares},
  year         = {2024},
  url          = {https://www.inegi.org.mx/programas/dutih/2023/},
}

@techreport{cnbv_2024,
  author       = {{Multiple}},
  title        = {CNBV — Comisión Nacional Bancaria y de Valores, Reportes Anuales 2023-2024},
  year         = {2024},
  url          = {https://www.cnbv.gob.mx/},
}

@misc{inai_2025_reforma,
  author       = {{Multiple}},
  title        = {Reforma 2025 a la Ley Federal de Protección de Datos Personales en Posesión de los Particulares},
  year         = {2024},
  url          = {https://home.inai.org.mx/},
}

@techreport{dmarc_org_2024,
  author       = {{Multiple}},
  title        = {DMARC Adoption Report 2024 (DMARC.org)},
  year         = {2024},
  url          = {https://dmarc.org/},
}

@misc{valimail_2024,
  author       = {{Multiple}},
  title        = {Valimail Email Fraud Landscape 2024},
  year         = {2024},
  url          = {https://www.valimail.com/resources/},
}

@misc{simiriki_anchors_2026,
  author       = {{Multiple}},
  title        = {simiriki internal anchor scans, n=9, Feb-Apr 2026 (unpublished)},
  year         = {2024},
  url          = {https://simiriki.com/metodologia},
}

@misc{msft_purview_2024,
  author       = {{Multiple}},
  title        = {Microsoft Purview Compliance — adoption telemetry overview (Microsoft, 2024)},
  year         = {2024},
  url          = {https://www.microsoft.com/en-us/security/business/microsoft-purview},
}

@techreport{pci_mx_2024,
  author       = {{Multiple}},
  title        = {PCI-DSS Mexico Adoption Study (ASUG / PCI SSC, 2024)},
  year         = {2024},
  url          = {https://www.pcisecuritystandards.org/},
}

@misc{gartner_dlp_mq_2024,
  author       = {{Multiple}},
  title        = {Gartner Magic Quadrant for Enterprise DLP, 2024},
  year         = {2024},
  url          = {https://www.gartner.com/en},
}

@misc{gartner_epp_mq_2024,
  author       = {{Multiple}},
  title        = {Gartner Magic Quadrant for Endpoint Protection Platforms, 2024},
  year         = {2024},
  url          = {https://www.gartner.com/en},
}

@misc{gartner_uem_mq_2024,
  author       = {{Multiple}},
  title        = {Gartner Magic Quadrant for Unified Endpoint Management, 2024},
  year         = {2024},
  url          = {https://www.gartner.com/en},
}

@misc{gartner_xdr_mq_2024,
  author       = {{Multiple}},
  title        = {Gartner Magic Quadrant for Extended Detection and Response, 2024},
  year         = {2024},
  url          = {https://www.gartner.com/en},
}

@misc{gartner_vuln_mq_2024,
  author       = {{Multiple}},
  title        = {Gartner Magic Quadrant for Vulnerability Management, 2024},
  year         = {2024},
  url          = {https://www.gartner.com/en},
}

@misc{gartner_iam_mq_2024,
  author       = {{Multiple}},
  title        = {Gartner Magic Quadrant for Access Management, 2024},
  year         = {2024},
  url          = {https://www.gartner.com/en},
}

@misc{msft_asr_telemetry,
  author       = {{Multiple}},
  title        = {Microsoft Attack Surface Reduction rules — telemetry overview (MSRC, 2024)},
  year         = {2024},
  url          = {https://learn.microsoft.com/en-us/defender-endpoint/attack-surface-reduction-rules-reference},
}

@misc{msft_intune_2024,
  author       = {{Multiple}},
  title        = {Microsoft Intune deployment stats (MSFT Intune documentation, 2024)},
  year         = {2024},
  url          = {https://learn.microsoft.com/en-us/mem/intune/},
}

@misc{msft_zero_trust,
  author       = {{Multiple}},
  title        = {Microsoft Zero Trust Architecture — guidance (Microsoft, 2024)},
  year         = {2024},
  url          = {https://www.microsoft.com/en-us/security/business/zero-trust},
}

@misc{nom_024_ssa3,
  author       = {{Multiple}},
  title        = {NOM-024-SSA3-2010 — Sistemas de información de registro electrónico en salud},
  year         = {2024},
  url          = {https://www.dof.gob.mx/normasOficiales/3996/salud/salud.htm},
}

@misc{dof_lfpdppp_2025,
  author       = {{Multiple}},
  title        = {Diario Oficial de la Federación — Reforma a LFPDPPP, artículos 11, 19, 20, 23, 2025},
  year         = {2024},
  url          = {https://www.dof.gob.mx/},
}

@techreport{isaca_mx_2024,
  author       = {{Multiple}},
  title        = {ISACA Latin America — State of Cyber 2024},
  year         = {2024},
  url          = {https://www.isaca.org/},
}

@misc{csoftmty_2024,
  author       = {{Multiple}},
  title        = {CSOFTMTY — Estado del Sector TI en Nuevo León 2024},
  year         = {2024},
  url          = {https://csoftmty.org/},
}

@techreport{canieti_2024,
  author       = {{Multiple}},
  title        = {CANIETI — Reporte de Industria TI México 2024},
  year         = {2024},
  url          = {https://canieti.org/},
}

@techreport{ine_ciberseguridad_2024,
  author       = {{Multiple}},
  title        = {INE — Reporte sobre incidentes cibernéticos en procesos electorales 2024},
  year         = {2024},
  url          = {https://www.ine.mx/},
}

@misc{consar_2024,
  author       = {{Multiple}},
  title        = {CONSAR — Circular sobre seguridad de la información en AFORES 2024},
  year         = {2024},
  url          = {https://www.consar.gob.mx/},
}