Cybersecurity attacks have been rising globally since the beginning of the novel coronavirus pandemic. The Caribbean is no exception, and no organisation is immune. Experts have flagged the Caribbean region’s vulnerability to breaches for several years.

Earlier in 2021, the Jamaican government experienced three significant security breaches relating to its JamCOVID app – a platform designed to connect Jamaican residents and travellers with resources to manage travel, quarantine, symptom checking and other COVID-19-related information. Many were surprised, given that Jamaica is considered a leader in best cybersecurity practices. The country recently passed the relatively strict Data Protection Act in 2020, drawing heavily from the EU’s GDPR laws.

If even governments are vulnerable to cybersecurity attacks, how can business leaders catch and mitigate vulnerabilities in their systems?

Review the Basics

Make software updates mandatory at your company. While many employees find them annoying, the benefit-to-cost ratio is massive. Many updates include patches for security gaps. Without them, you may be leaving your systems vulnerable to breaches.

Tighten your password protocols. According to Nordpass, over 130 000 people used ‘123456’ as a password in Chile in 2020. Hackers often don’t have to do anything complicated to breach your system, mainly if an administrator uses a standard, insecure password. Your team’s passwords should be complex, with various characters, cases, and numbers. They should be changed regularly and not duplicated across any applications or websites.

Build the Right Team

Have you heard of white hat hackers? Also known as ethical hackers, these savvy IT professionals can help your company get ahead of breaches and avoid cybercrime by thinking like malicious hackers. Provide regular, comprehensive security training to all employees. Some cybersecurity procedures will be second nature to members of your team – but not everyone. According to a study by Microsoft in 2020, 29% of urban residents in Latin America and the Caribbean may not have access to internet connectivity. And this number rises to 63% when you look at rural populations. Some of your employees may not have had the opportunity to learn best practices online growing up.

Get Serious About Ransomware Threats

A 2020 report released by the Cyber Security Incident Response Team (CSIRT) in Trinidad and Tobago identified the following top ransomware attack vectors: Exploiting system vulnerabilities – particularly outdated firewall devices and exposed remote desktop protocol; Phishing emails with infected attachments or links; Compromising user credentials

How can you protect your business against these vulnerabilities? Although there are no guarantees of complete prevention, the CSIRT recommends that companies: Use inbound email scanning to protect against malicious actors sending harmful attachments or pretending to be a company executive or other influential figure.; Add two-factor password authentication. Compromised passwords are responsible for any security breaches. A second step, such as two-step logins, can impede a breach.

Run routine data backups. Even if your systems are compromised, you don’t have to be hostage to paying ransomware if you already have all the data on a separate system.

Seek More Support from your Government

Cybersecurity attacks are expensive – especially considering the full spectrum of financial, labour, time and opportunity costs incurred. Companies that experience cybersecurity attacks are inclined to keep them a secret to avoid reputational damage. And countries with weak cybercrime laws suffer as a result. Several institutions, including the Inter-American Developmental Bank, urge companies operating in the Caribbean to seek collaboration across borders, harmonise fragmented laws, and build cooperation across industries and countries to counter cybercrime. Many countries outside the Council of Europe have joined Budapest Convention on Cybercrime to get similar benefits.

So how can business leaders create change? Cybercrime is likely on your government’s radar, especially in Jamaica, Trinidad, and Tobago. Be vocal with your local politicians about the support you need to run a secure business. If you run a business across many countries in the Caribbean, be open with your counterparts operating in a different division. Set up a grassroots local business council in your local region.

Engage with a Managed Security Service Provider

Building a strong cybersecurity posture can be complex and costly — and there are some factors beyond your control. According to the Inter-American Development Bank, there is a shortage of 600 000 cybersecurity professionals in the Latin American & Caribbean region.

So how are companies expected to do this without enough qualified security workers? The good news is, you don’t have to. Managed security service providers like Hitachi can deliver cybersecurity, compliance and data privacy solutions for organisations of any size and region.

Contributed by Stephen Juteram, Hitachi Systems Security, on behalf of the Jamaica Technology and Digital Alliance. Feedback to marketing@jtda.org.