With a huge global business surrounding the cybercriminal underground, the Caribbean region is developing systems to reduce cybersecurity threats to its public and private sector agencies.
Speaking at the opening session of the two-day virtual Cyber Security 2023 Reducing Cyber Risks through Cyber Resilience seminar held on Tuesday, Secretary General of the Caribbean Telecommunications Union(CTU) Rodney Taylor said that as organisations from both sectors become increasingly reliant on technology, connectivity is heightening the risk of cyber attacks.
“It’s important for businesses to develop strong cyber resilience to safeguard themselves against these threats. There are reputational risks as well as financial risks to the organisation in case of a breach and if there’s a loss of customer data. Businesses face the challenges of ever evolving threats, the sophistication of the threats, the fact that they’re state actors involved as well, not just teenagers in a basement, but this thing has grown in sophistication as there’s a huge global business around cybersecurity and ransomware. So there’s a lot of money to be made and hence criminals are working around the clock,” he said.
He told those attending the event that CARICOM has developed a cyber security action plan to build the resilience of member states against the risk of these attacks. However, he noted, that this is yet to be fully implemented.
Taylor said “With the support of the Organisation of American States (OAS) also, through the Inter American Committee Against Terrorism, the OAS and the ITU also support member states in the development of national strategies. That’s important because a national strategy for cybersecurity will also address the private sector and what they can do, what strategies can help build resilience in the private sector. We have Jamaica, Trinidad and Tobago, Barbados, Bahamas in Grenada, among others that have already developed strategies.
“In some cases, they haven’t been implemented unfortunately, but those strategies do exist.”
Taylor also revealed that at the legislative level through a project called HIPCAR with the International Telecommunications Union (ITU) focus has been placed on developing legislation around cybercrime and cyber security, privacy and data protection, and lawful interception of communications.
Delivering his remarks, Assistant Commission of the Virgin Islands Sidney Elskoe cautioned that the presence of computers ensures that every workplace is at risk of cyber attacks and insisted that employees be educated on how these attacks may present themselves.
“We can never take it for granted that our colleagues recognise what an attack even looks like. I recall an employee of mine coming into my office laughing about his computer cursor moving around the screen very hurriedly, opening and closing files without his input, and he did not realize that this was an attack. Of course I ran over and yanked the cord out of the wall to stop it, but this is one example,” he said.
Elskoe also said there could be long-term impacts from these attacks.
“In 2019, the USVI police department was hit with a ransomware attack that we are still recovering from. Not only did it create a financial burden for us, but it crippled our record system to a point where we could not fulfill our responsibilities. It goes without saying that we will do everything we can to prevent a recurrence of that event,” he stressed.
Calling the topic of cybersecurity highly relevant to Barbados in recent times, Business and Marketing Consultant for the Barbados Coalition of Service Industries Michelle Smith-Mayers warned that with cyber criminals constantly developing alternate ways to attack systems, the new normal cannot be business as usual. She insisted that businesses can no longer relegate cyber security to the technical support department.
“Cyber criminals are in the business of constantly developing new ways to attack businesses and often the consequences can be devastating. The best way to mitigate risks of cyber attacks is to educate yourself about cyber risks and how to avoid them. The new normal is not business as usual. We cannot be under the disillusionment that we can stay in our comfort zone, relegate cyber protection to our tech support without knowing how to retool the way we operate our businesses to protect against cyber attacks,” she said. (JB)
