As the telecoms providers in the Caribbean seek opportunities to increase their revenues through increase internet penetration across the region risks mushrooms.
The risks are further compounded as societies transcend geographical and physical borders, and realtime communication and business transactions are rapidly becoming an everyday staple. However, utilising the same networks and links that bind us globally as we communicate and do business are now the means through which cyber attacks are being perpetrated.
Cyber threats and attacks from the present day digital pirates are able to strike from virtually anywhere in the world, causing catastrophic social and economic harm to countries that are oceans away.
Caribbean Governments cannot contain these cyber threats singlehandedly for several reasons. There is need for capacity building and overall public sector awareness, most governments do not have a centralized focus on risk and contingency planning and hence issues associated with cyber security are not prioritized, and overall there is no security program plan to increase network visibility and control.
In a recent article published in the St. Maarten Daily Herald, Martin Van Nes, an in-depth specialist in combatting cybercrime in the entire Dutch Caribbean, said cybercrime deserves more attention.
“There is insufficient awareness about cybercrime among residents, within the business community, and in Government. There is an increased threat of cyber-attacks and cyber-security should be stepped up,” he said.
Mr. Van Nes couldn’t be more right, with thousands of new malware variants being released every month, the discovery of new security holes in our day to day applications, thousands of hackers and hacktivist, fraudsters and spammers, and the advanced persistent and targeted attacks our government Administrators are unable to defend the integrity, availability, confidentiality and sovereignty of Caribbean data and information technology resources without help.
Public and private sector in-house IT teams need beefed-up support, greater investments in the latest technology and access to local and international resources that defend systems and data from digital pirates. To think all is safe when there is no clearly defined budget or procedures to deal with defending data and prevent security breaches is merely leaving the doors and windows opened to our government data and infrastructure.
Without a dedicated and planned approach we certainly can predict that the national security, public safety and economic development of our Caribbean governments will be compromised in a time when most islands are facing hard economic times. The decision to wait and see what happens is not an option.
The Panama Papers, the $150M cyber robbery from a Jamaican bank, reports of Isis hijacking regional websites, customers local and regional being hit with ransomware attacks are all indicators that we need to adopt a different approach.
It is clear that the Caribbean government are easy targets for several reasons but there is hope. Governments need to implement a Contingency plan that looks at the impact of cyber breaches on national infrastructure. This plan should leverage a cadre of IT security expertise and skill which will take a 360 degree look at the issue of cyber security. Additionally this plan should be focused on increasing network visibility and management so that potential attacks can be identified and quarantined early.
The Caribbean Cyber Security Center (CCSC) has developed such a team to support Caribbean governments in gaining independent validation and verification assessment and guidance to an improved security posture with reduced risks of exploitation.
Without expert collaboration from a team like the CCSC and possibly others, regional governments lessen their ability to respond to cyber threats and will be expose to greater risks online, as perpetrators learn to exploit national and regional information and communication technology weaknesses within the Caribbean one-by-one.
As an initial step the Government of St. Maarten has taken the proactive approach to tighten up the IT security which has lead to some public sector officers complaining about the restricted access at work. This move was and is necessary to ensure there is greater controlled access to IT systems which hold national security and personal information of the country.
Phase two which will occur very soon will be an upcoming conference on cyber security with the goal of having all stakeholder with in ST. Maarten present to raise the level of awareness. This cyber security conference will be in collaboration with the Bureau of Telecommunications and Post St. Maarten, the Public Prosecutors Office, the Caribbean Cyber Security Center and other national stakeholders.
In addition a draft national security action plan will be developed which will be used as a guide for private and public sector organization to ensure the relevant level of security controls are in place to protect systems from digital pirates.
Deon Olton – ICT / Cyber Security Consultant
Mr. Deon Olton, is a UWI graduate and Certified IT Security practitioner. Well-known expert in cyber security, having assisted multiple organisations improve their security posture, written extensive articles for popular publications, written annual cyber security predictions for the region and appeared as a guest on tv and radio interviews. Mr. Olton’s experience in telecoms, ICT and Cyber Security has allowed him to perform multiple roles in IT Risk Assessment, Security Awareness Training and long-term strategic IT planning.
With this depth of experience and passion Mr. Olton has developed proactive plans to address the growing Cyber Security threats to the Caribbean region’s economies.
As the Project Lead for the Caribbean’s first and only indigenous Cyber security public awareness Campaign, with a mission of “Keeping Caribbean Citizens Safe Online”, he is responsible for the online web portal, creating public service messages, developing age appropriate presentations for parents, schools and the elderly. Additional Mr. Olton has spearheaded community outreach projects to increase knowledge of cyber security within schools and communities all across the region.