Is it just me, or is the Caribbean beginning to take cybercrime and cybersecurity more seriously?
Over the past several weeks, attention on cybercrime and cybersecurity appears to have increased. Is this a signal that Caribbean countries and the region as a whole are readying themselves to tackle these issues?
Whether planned or by coincidence, over the past few weeks there has been a marked increase in the conversations on cybercrime and cybersecurity across the Caribbean. The uptick appeared to have coincided with the Caribbean Internet Governance Forum, organised by the Caribbean Telecommunications Union (CTU) and held in Curaçao during the week of 9 September, which was followed soon thereafter by the Carib Network Operators’ Group (CaribNOG) meeting in Belize.
To their credit, the CTU and CaribNOG have been sensitising policy makers to key cybercrime and cyber security issues for the last couple of years, and have forged strategic partnerships with a few international agencies for technical support. Although it appeared that their efforts had fallen on deaf ears, they might be getting some traction after all. In recent months, and as reflected in our weekly ICT/tech new roundups, countries in the region, both individually and collectively, seem to be having more discussions on cybercrime and cybersecurity, but more importantly and to varying degrees, might be beginning to take some action.
For example, countries have been having their own local meetings to discuss the topics, as well as to advance discussions on specific systems, such as Internet Exchange Points, which are a critical component of any digital security and sovereignty framework that is being considered. Further, plans are underway in Jamaica to establish a Cyber Emergency Response Team (CERT), which is being done with technical support from the International Telecommunications Union (ITU), among others, and should be operational by year end.
Additionally, other noteworthy initiatives that support country-level and regional efforts has been the establishment of the Caribbean Cyber Security Center (CCSC), which offers services including, penetration testing, and vulnerability and risk assessments. Over the past several months, the CCSC has been gaining visibility across the region, and recently, it launched THINKCLICKSURF, which provides guidance to children, parents and teachers on being safe online. Although a wealth of tips are available on the THINKCLICKSURF website, the CCSC team can also develop customised programmes, which so far, Curaçao has invited them to roll out.
No resting on laurels
Although the above paragraphs highlight some of the strides that have been made across the region to begin to address cybercrime and cybersecurity, it must be emphasised that we should not be resting on our laurels. About two weeks ago, reports surfaced that banks in the Cayman Islands had been the victim of fraud perpetrated via email:
The RCIPS’ finance cops say there have been a number of incidents where fraudsters have acquired bank details by hacking email accounts and sending fraudulent wire instructions…
The police said that hundreds of thousands of dollars have been fraudulently wired from the Cayman Islands to the US, Hong Kong, Singapore, Malaysia, Denmark and other jurisdictions. By the time attempts are made to recall the fraudulent wires, the funds have been collected and it is too late…
(Source: Cayman News Service)
Although banks and other financial institutions tend to be more aware of their susceptibility to fraud and other crimes, and as such aim to be continually vigilant, other organisations – both public and private – might not be as inclined. For many, the cost and expertise needed to address vulnerabilities found within their organisations might be perceived of as a headache they wish to avoid. Furthermore, for decision makers (i.e. those who sign the cheques and approve major initiatives) matters related to cybercrime and cybersecurity, along with how their organisations are vulnerable to attacks, are often not easily understood and appear to detract from whatever their core business might be.
Having said this, cybercrime is not going away, but promises to become more sophisticated in the coming years, as outlined by Trends Micro below. Hence it is hoped that the attention that it and cybersecurity have been getting in the Caribbean will continue, and that a cogent and more proactive approach will be implemented in individual countries, bolstered by regional collaboration and support.
Image credit: Stuart Miles / FreeDigitalPhotos.net