Caribbean countries have sign off on a plan of action to strengthen regional co-operation and help governments address cyber security vulnerabilities. It follows a five-day meeting in Saint Lucia that brought together legislators, cyber security experts and international law enforcement bodies such as Interpol.
The move is an acknowledgement that cyberattacks are up in the region even as few cases are reported and addressed because of resource shortages and perceived reputational damage.
Priority areas in the action plan include training, legislation, technical capacity and law enforcement. It calls on governments to “foster a culture of security," establish a regional network to gather electronic criminal evidence, and mount regular exercises known as "cyber drills" to prepare for digital attacks.
Recommendations in the plan are based on the results of needs assessments carried out in Trinidad and Tobago, Grenada, Dominica, Antigua and Barbuda and Barbados.
The plan hinges on a multi-sectoral, multi-governmental approach to implement effective cyber-security strategies in a Region prone to attacks.
WATCH: Carribean Tackles Cyber Security Challenges
Some of the most infamous recent attacks in the Caribbean include the theft of US$150 million from the Bank of Nova Scotia in Jamaica in 2014; individuals claiming to be local Islamic State group supporters hacking the website of the government of St. Vincent and the Grenadines in 2015; and a mass ransomware attack on Caribbean tax authorities, which blocked users from accessing their systems while demands for money were made.
Addressing the forum’s opening ceremony, Saint Lucia’s Technology Minister, Dr. James Fletcher, quoted the 2016 Cyber Security Report for Latin America and the Caribbean which states that the majority of countries are not adequately prepared to counteract cyber-crimes.
“We fall short in prevention and mitigation of criminal activity risks in cyber space. The analysis of 49 indicators shows that several countries in our region are vulnerable to potentially devastating cyber-attacks. 4 out of 5 countries do not have cyber-security strategies or critical infrastructure protection plans. The vast majority of our prosecutors lack the legal capacity to prosecute cyber-crimes. If we are to make the most of the so-called ‘fourth industrial revolution,’ we need to create not only a modern and robust digital infrastructure, but also a secure one,” he said.
According to the regional plan, “preventing and combating cybercrime requires involves the development of strategies, legislation, criminal justice and information communication technology expertise, awareness raising, and international cooperation, and involves political, private sector, and civil society leadership at the highest level.”