#BTColumn – COVID-19 pandemic: cyber security warnings and call to action

Disclaimer: The views and opinions expressed by this author are their own and do not represent the official position of the Barbados Today Inc.

It remains critically important that Barbados uses the awareness expressed at the recent 2020 CARICOM Virtual Security Conference to advance the establishment of a National Cyber Security Strategy. 

Additionally, cyber security professionals from across the Caribbean diaspora urge regional leaders to take urgent action towards the rapid implementation of a sustainable national cyber security strategy based on the following key reasons summarized below.

1. COVID-19 accelerating cyber threat

The COVID-19 pandemic has globally driven more people online for work and play, which has accelerated the cyber threats on many fronts. Since the pandemic started, there has been a reported record global rise in data theft-related incidents, noting that often it can take most organisations as much as one year to realise they have been hacked or compromised.

2. National cyber security & data privacy leadership

Many Caribbean countries do not have designated resources to lead a national effort to improve the nation’s cyber and data security posture. A centrally recognised leader is essential in addressing the wide range of risk faced across government ministries, the private sectors and the citizenry at large.

3. Regional cyber safety public service announcement campaign series

Regional awareness campaigns are needed for cyber safety and privacy. In the post-COVID world, it is now critical that national investments are made in cyber security and privacy awareness.

4. National Computer Security Incident Response Team (CSIRT) capabilities

Several Caribbean countries lack Computer Security Incident Response Teams (CSIRTs). CSIRTs are an important element in helping nations fight cyber criminals, hackers, and technology vulnerabilities. Today, there are hundreds of CSIRTs around the world operated by both governmental and non-governmental organisations. A National Computer Security Incident Response Team (NCSIRT) is a designated office within government with national responsibility to assist both the private and public sectors in responding to security and data theft incidents and breaches.

5. Regional cyber security and data privacy expertise and opportunities

The Caribbean region needs to further leverage and cultivate the cyber security knowledge, talent and expertise that lay within our shores. We need a regional approach to providing cyber security and data privacy training and education in the effort to lower our national dependence on external international entities for such expertise. This will be key in sustaining and developing future locally grown talent.

6. Many government networks may already be compromised, and we don’t know it

Governments need to conduct routine vulnerability scans and penetration tests of all internet-facing components of their networks, if this is not already being done, to know whether their network is vulnerable. There are many in the region who unfortunately still believe that the Caribbean is too small for hackers to be interested in, regrettably with 44 million people in the region collectively, this could not be further from the truth.

7. Global partnership and opportunities

There are economies of scale benefits if both the government and the private sector can negotiate together on pricing for various services from vendors across a wide range of existing and emerging markets.

As previously stated, with online usage expected to rise due to the COVID-19 pandemic, it is critically important that Barbados move from talk to action in the rapid development of a national cyber security strategy and action plan.

The time for action is now.

James Bynoe: International Cyber Security Expert, Caribbean Cyber Security and Privacy Association (Member)

The Caribbean CSPA was incorporated in May 2020 to transform the Caribbean into an international hub for Cyber Security and Data Privacy. Our members are Cyber Security professionals from across the region and the diaspora. Our goals are to: develop professionals, protect businesses, educate citizens.