In the second instalment in our Expert insights series on cyber threats and security for 2023, and with a new guest, Edward Millington of CariSec Global, he discusses, among other things: what’s been happening in the cybersecurity space and the changes that have occurred in the threat landscape; how countries can better manage threats to their critical infrastructure and services, which are often under-resourced; and where organisations are making cybersecurity investments, versus where they should actually be investing.

 

This episode is also available on SoundCloudApple Podcasts, Google Podcast, Spotify, Amazon Music and Stitcher!

Although there may not have been a highly publicised cybersecurity attack in the Caribbean region in recent weeks and since the first instalment of our 2023 Expert Insights series in March, incidents are happening all around us. However, organisations are still quite reluctant to share that they have been hacked, as they fear the reputation damage that could result and consequently, the longer-term impact on their business.

Unfortunately, it could be argued that in still trying to address the security threat in isolation from each other – as separate countries and as organisations – we inherently facilitate an internal vulnerability. We are not as aware as we could be of emerging threats so we can be proactive in our response. Further, it appears that we do not believe that by working collectively and collaboratively we would be in a better position individually to address the threats as they arise.

 

Introducing our guest

Edward Millington

Edward Millington is the Founder and Managing Director of CariSec Global Inc., a Caribbean (Barbados) based company, strategically focused on providing security and ICT governance and services to organisations operating in the following sectors: financial, government, health, manufacturing, private, retail, and energy and utilities.

Edward is an Information Systems Security/ICT/Telecommunications veteran spanning two decades, where he directed organisations, leading them in the achievement of further financial goals through strategic planning, designing, and solutions direction. His specialities are in Policy Development, IT and Security Governance, Information and Cyber Security Risk Management, Enterprise Defence and Security, Cybersecurity Incident Management, Malware and Attack Technologies and Security Operations. His complex skills, knowledge and experience assisted many organisations such as Internet Services Providers, ICT Service Providers, telcos, banking, government and governmental organisations in their development and services evolution. One key highlight of his veteran career was his instrumental service to the Government of Barbados, developing and enhancing its information and cyber security posture.

 

Insights into our conversation

Edward is passionate, and vocal, about cybersecurity and seems especially concerned that Caribbean organisations still have not fully appreciated how pervasive and persistent the threats are. It appears that many organisations still believe that there is a ‘pat’ or standard response to cybersecurity: have an antivirus, firewall, etc., installed and they’re all set. However, similar to our previous security guests, Edward sought to disabuse us (once again) that such an approach is optimal. Instead, he suggested that we consider security a battle. We are under attack and need to be battle-trained.

Edward also drew analogies between organisations’ security posture and our attitude towards our personal health. We know about practices that could increase our chances of getting a non-communicable disease, such as hypertension, heart disease and diabetes, and compromise our health, yet we often choose not to adjust our lifestyle, though the likely consequences are clear to see.

  1. To start, what has been going on with respect to cybersecurity and cybercrime in Barbados?
  2. What have been the most prevalent types of incidents? And perhaps what is going on in the wider Caribbean region?
  3. How has the threat landscape changed over the years? Are there any trends, or particular areas of concern, to which we in the Caribbean should be paying attention?
  4. In early March, CariSec Global held a two-day virtual conference under the theme, Reducing Cyber-risks through Cyber Resilience. A conference is a lot to organise, why did you think it was necessary to do so? And how would you describe cyber resilience?
  5. In witnessing first-hand what has occurred at the Queen Elizabeth Hospital in Barbados, what are your thoughts and how might critical services better manage the benefits of digital transformation versus the inherent threats and vulnerabilities attached?
  6. In recent months you have been especially vocal about the state of cybersecurity in the Caribbean region. What are some of your concerns?
  7. In what areas have you observed organisations making cybersecurity investments, versus where you believe they should actually be investing?

 

Do leave us a comment either here beneath this article, or on our Facebook or LinkedIn pages, or via Twitter, @ICTPulse.

Also, if you or a member of your network is interested in joining us for an episode, do get in touch.

Let’s make it happen!

 

Select links

Below are links to some of the organisations and resources that either were mentioned during the episode or otherwise, might be useful:

 

 

Images credit:  E Millington;  Freepik;  Gerd Altmann (Pixabay);  Freepik

Music credit: The Last Word (Oui Ma Chérie), by Andy Narrell

Podcast editing support:  Mayra Bonilla Lopez