In the second instalment in our Expert insights series on cyber threats and security for 2024, and with Obika Gellineau, the Cyber Services Manager of KPMG in Trinidad and Tobago, he discusses, among other things: the Telecommunications Services of Trinidad and Tobago (TSTT) data leak; AI-related security risks of which we should be aware; the biggest cybersecurity challenges faced by businesses today; and three key things organisations should be doing in 2024 to improve their network/IT security posture.

 

This episode is also available on SoundCloud, Apple Podcasts, Google Podcasts, Spotify and Amazon Music!!

Over the past several months, the posture of Caribbean businesses and organisations appears to be changing if they experience a cyber-attack. Generally, the practice was to deny that an incident had occurred, but these days, organisations seem to be volunteering such information – which is definitely a step in the right direction – though they still are tight-lipped on the details. However, having done the Expert Insights series on cyber threats and security for over 10 years (!), we can track how attitudes have been evolving whilst also highlighting new and emerging threats.

We kicked off our 2024 Expert Insights series update with Sean Slattery of Caribbean Solutions Lab. Today’s podcast episode features Obika Gilleneau of KMPG who was one of our Expert Insights guests in 2022. Obika is back again, and this time, incident at Telecommunications Services of Trinidad and Tobago (TSTT), the incumbent telecoms company, is front and centre.

 

Introducing our guest

Obika Gellineau

Obika Gellineau is the Cyber Services Manager in KPMG’s Advisory with over 10 years of experience involving Forensics, Criminal Investigations and Information Technology. He has a Master of Science degree in Information Management from the University of Strathclyde in Glasgow. He is Security+, Cybersecurity Analyst+, Pentest+ and CASP+ certified by the Computer Information Technology Industry Association (CompTIA). He is also an Offensive Security Wireless Professional and a Certified Cryptocurrency Auditor.

In his current professional capacity, Obika is the Certifications Coordinator of the Information Systems Audit Control Association (ISACA) Trinidad and Tobago Chapter and is the Communications Director for the Business Continuity Management Information Exchange (BCMIE Caribbean)

Obika has held security positions in both public and private sector institutions, including the Trinidad and Tobago Forensic Science Centre, the Special Anti-Crime Unit Trinidad and Tobago (SAUTT) and First Citizens Bank Limited. During his time in the private sector, he has been instrumental in developing and implementing various projects and cybersecurity/business continuity planning risk methodologies that support the International Organization for Standardization (ISO) and Payment Card Industry Data Security Standard (PCI-DSS) standards.

At KPMG, Obika continues to design and develop cybersecurity programmes for KPMG’s various clients to provide innovative solutions. You can follow him on LinkedIn where he regularly shares articles and insights into security and science-related activities.

 

Insights into our conversation

Whenever Obika is on the Podcast, it seems to be on the heels of a major cyber incident in Trinidad and Tobago! The last time, it was the Massey attack, and this time around, it is the data leak involving TSTT. Honestly, folks, it was not intentional, but with these major incidents staying in the news for several months after they occurred, they became the elephant in the room that could not be avoided – especially when speaking with a security expert based in Trinidad and Tobago!

Nevertheless, there was quite a bit to discuss and unpack in this conversation with Obika, and he is generous with his knowledge and insights. In addition to TSTT, another area we covered was how artificial intelligence is being used by threat actors, for which Obika shared an interesting (but true!) incident that highlighted how deepfakes are being used to execute crimes.

Below are the questions that guided our discussion.

  1. To start, can you give us a quick recap of what has been going on in Trinidad and Tobago and/or the wider Caribbean region, with regard to cybersecurity threats and incidents?
  2. When you were last on the podcast in 2022, we discussed the Massy Stores cyberattack in Trinidad. Now, the country seems to still grappling with the fallout from the incident at the incumbent telecoms company, TSTT. For those who might not be aware, let’s start with you giving us a synopsis of what occurred and what learnings have emerged from that situation.
  3. Have you observed any changes in the posture of Caribbean organisations in managing risk, reputation, and business continuity in how they approach cybersecurity?
  4. With the growing integration of AI in our everyday lives, are there any security risks of which we should be aware?
  5. What role do artificial intelligence and machine learning play in enhancing cybersecurity defences?
  6. What are the biggest cybersecurity challenges faced by businesses today?
  7. What might be three (3) key things organisations should be doing in 2024 to improve their network/IT security?

 

We would love to hear your thoughts!

Do leave us a comment either here beneath this article, or on our Facebook or LinkedIn pages, or via Twitter, @ICTPulse.

Also, if you or a member of your network is interested in joining us for an episode, do get in touch.

Let’s make it happen!

 

Select links

Below are links to some of the organisations and resources that either were mentioned during the episode, or otherwise, might be useful:

 

 

Images credit;  O Gellineau;  Freepik;  Darwin Laganzon (Pixabay);  Blogtrepreneur (flickr)

Music credit: The Last Word (Oui Ma Chérie), by Andy Narrell

Podcast editing support: Mayra Bonilla Lopez