Delroy McLean | Dealing with cybersecurity
As the world grapples with the impact of the COVID-19 virus, many hackers are exploiting the panic and discomfort brought on by the pandemic. Images, emails, and documents used to spread awareness on COVID-19 have been found with embedded Baby Shark malware, while maps of the pandemic have been found with the AZORult malware. The devastating impact is loss of valuable personal and business information.
International cybersecurity company Fortinet, along with technology columnists for the New York Times and Forbes Magazine, has reported a steady increase in botnets and phishing since the onset of the virus. Unsurprisingly, the current top targeted industries are telecommunications, financial services, healthcare, and education.
Jamaica is said to have the largest ‘tech-savvy’ population in the English-speaking Caribbean and provides a good environment for entrepreneurs to disrupt traditional business practices through innovation. However, cyber risks grow with digital opportunities, making Jamaica more vulnerable to cyberattacks due to the large ‘tech-connected’ population – an inherent challenge of a digitised environment.
International experts such as Amanda Finch, CEO of the Chartered Institute of Information Security (CIISec), have suggested that the largest cyber breaches of 2020 have already happened but are likely sitting dormant or undetected, a strong possibility, given the current change in work practices driven by the COVID-19 outbreak.
So, what if the breach has already occurred? What if a technical or human error has already taken place and your business is exposed?
Impact and response
For simplicity, let us separate the impact and response into two categories: companies with cybersecurity expertise and those without.
During the initial 24 hours of a cyber breach, many businesses with cybersecurity expertise will scramble to protect their systems from the threat and, in the process, may create major disruptions. However, the existence of cybersecurity expertise and the prior development of robust disaster-recovery plans that pull on internal knowledge experts to mitigate negative outcomes significantly reduces the timeline to identify the threat and begin recovery operations.
Businesses without cybersecurity expertise, including many small and medium-sized businesses in Jamaica, will struggle. Many may not know that they have a breach, and those that do will have to cope with the unplanned recovery costs. Therefore, one of the most thriving segments for the growth and development in our economy is increasingly vulnerable.
Cyberattacks impact businesses in different ways, but for most, they result in reputation damage, loss of critical information, and loss of consumer trust. Imagine that impact on a small business versus a large enterprise.
A 2016 report by JP Chase Morgan & Co Institute suggests that small- or medium-sized businesses can only operate for 27 days if commerce dries up. In contrast, many large enterprises take years to recover from the reputational damage of a major cyber breach. Each is impacted negatively.
In recent weeks, we have seen a spate of cyberattacks on Jamaican businesses. The sad reality is that these attacks will continue. More enterprising cybercriminals will come along seeking to take advantage of ICT vulnerabilities, especially because Internet users worldwide have more than quadrupled from 1 billion in 2005 to more than 4.4 billion at the end of 2019.
Larger enterprises can benefit from Disaster Recovery and Managed Security Enterprise Solutions, which feature cybersecurity threat- prevention tools built into our core platforms. These solutions are coupled with the region’s one-of-a-kind Cyber Threat Security Monitoring and Response Team. In this way, we remove the complexity of cybersecurity for our customers and provide the secure pathway for future growth in digitisation.
The start of this new decade has brought unprecedented challenges for people, industries, and governments. We are operating in a different environment with completely different rules. Let’s ensure that as we strive to adapt, we secure and safeguard our people, ICT infrastructures, and businesses that will support our recovery.
Delroy McLean is senior director, C & W Business Jamaica. Send feedback to columns@gleanerjm.com.

