“Cybersecurity is a shared responsibility and it boils down to this: In cybersecurity, the more systems we secure, the more secure we all are.” — Jeh Johnson, former United States Secretary of Homeland Security.

In June 2023, two major cyber attacks took place in Jamaica, these breaches involved JamaicaEye and the Office of the Prime Minister (OPM). These attacks were not extensive but were definitely still threats.

Therefore, we cannot afford to be lackadaisical when it comes to cybersecurity. Today, information is mainly kept on computers and digital databases — and for good reason — due to its efficiency and cost-effectiveness. However, we must ensure that we have the proper security framework and apparatus in order to not fall prey to these hacks that could stifle our institutions, both public and private. In order for this to be done, we will need to give more credence to altruistic hackers, further invest in our cybersecurity infrastructure, and execute an educational campaign.

Since the inception of computers and information technology, the mechanism has been susceptible to breaches. Nefarious individuals who hack for some sort of personal or collectivist gain have wreaked havoc on the information systems industry for decades. In the face of this, several altruistic individuals step up to warn companies and governments of faults and holes in their security systems, these good Samaritans are termed white hat hackers. You would think that governments and the private sector would reward these selfless people who try to inform them of blind spots in their systems, but unfortunately international authorities in the past have taken legal action against these noble individuals who reveal security flaws or some kind of clandestine operation they would rather the public not know.

In order to not disincentivise or scare away people with good intentions, the Government should strive to support and even encourage these individuals. Additionally, the legislative arm should pass laws to protect these types of hackers and whistleblowers. I would also encourage members of the private sector to practise this as well for their own sake. These efforts would anger many who have something to lose, but in the medium to long term, it will strengthen the safeguarding process of our data and systems, thereby improving the welfare of the nation and/or companies, respectively. It would be short-sighted to not take this course of action. However, in order for this system to work to its fullest, the authorities must be fully equipped.

The Major Organised Crime and Anti-Corruption Agency (MOCA) is that authority, and it possesses a cybercrime unit. According to the agency, this division carries out cyber forensics, vulnerability assessments, and penetration testing among other tasks. In the coming years, the threat of cyber attacks will continue to grow, and to have an adequate defence, the Government will have to invest more.

Currently, in the 2023/2024 budget, the organisation was allotted just under $2 billion and is estimated to realise increases in expenditure of around 3.89 per cent, 1.80 per cent, and 1.86 per cent for the next three fiscal years, successively.

According to the Bank of Jamaica (BOJ), June 2023’s annual point-to-point inflation rate was 6.29 per cent. This shows that the estimated increases in expenditure over the next three years are not enough to keep up with the high inflation environment in which Jamaica and, for that matter, the rest of the world operate.

We will need additional funding in order to do a better job of staving off the threat at hand. Amendments to the Cybercrimes Act of 2015 must also be passed to protect Jamaicans’ data using the most up-to-date technology, such as blockchain, high-level encryption, and risk control protocols. This could also provide jobs for young people who are well versed in computer science. Regarding jobs, the computer science industry has been one of the fastest-growing sectors in the world for the last few decades, we should take this as a sign.

According to the Jamaica Information Service (JIS), cybercrime was estimated to cost the world $6 trillion in 2021 and is expected to hit $10.5 trillion by 2025. That is an increase of 75 per cent in four years. We will need more people to step up in order to have the manpower to secure our digital systems. This means the public and private sector must invest in education, especially science, technology, engineering and mathematics (STEM). They can, of course, do this through scholarships, improvement of school facilities, or by moving children out of these volatile areas

On a larger scale, subsidies for cybersecurity businesses can also be given out once they operate and provide jobs in Jamaica. At this point, the foundation would be set, but some safety practices must be employed. Practices such as separating internal and external networks from public Wi-Fi access, providing annual training on social engineering and insider risks, implementing specific pathways for escalation of security-related issues, enabling device logging for auditing, and implement single sign on (SSO) to reduce the need for multiple passwords. These protocols can all be applied in both the private and public sectors, and once these initiatives are carried out, I believe we will see some results in due time. However, with all that done our nationwide defence would still not be adequate, we must go further and push an educational campaign to inform the general masses of smishing, vishing, and phishing attacks.

I’ve seen these educational campaigns from a few entities in the private sector, but it is not sufficient. This proposed campaign should be in every medium, employing personalities that appeal to all generations. It could be done through the newspapers, radio, and online by pairing seasoned celebrities with young social media influencers. This would be especially useful in this age when scamming is not only tolerated but rife in our society.

I must commend newly minted minister without portfolio Senator Dana Morris Dixon on setting up an artificial intelligence (AI) task force. Although most cyberattacks are carried out by humans, the possibility of AI effectively doing so grows stronger every year, as a result, we must be prepared. I am also imploring Minister of National Security Dr Horace Chang to be on top of the cybersecurity apparatus. Crimes may be fought with guns now, but will be fought with computers and AI at a higher frequency the farther we go into the future.

Data is a critical asset that is arguably more valuable than oil. It’s the tool that we use to carry out operations throughout the nation on a daily basis. As a result, cybersecurity needs to be encouraged, taught, and executed, and for this to happen the nation needs to recognise this undeniable fact and invest further in our security apparatus.

Without data protection, there would be unbounded chaos, which would evidently hinder our development in the 21st century as a small island developing state, and that is something we cannot afford.

Cyberattacks are a national security threat and should be treated as such. Once we accept this, we will be well on our way to cyberspace.

Malik Smith is a realtor associate and has a degree in economics and finance. Send comments to maliksmith.realestate@gmail.com or @MalikSmithJM.