In the third instalment in our Expert Insights series on cyber threats and securityfor 2024, and withEdward Millington of CariSec Global, he discusses, among other things: the latest developments in the security space; the relationship between the data protection and cybercrime frameworks; some of the reasons why the Barbados House of Assembly sent the Cybercrime Bill 2024 back to the Joint Select Committee for review and amendment; the use of AI to facilitate threats and security; and the priority areas in which organisations should be making their cybersecurity investments in 2024.
This episode is also available on SoundCloud, Apple Podcasts, Google Podcasts, Spotify and Amazon Music!!
The day this podcast episode is released, Wednesday, 3 July 2024, Jamaica will be bracing for Hurricane Beryl, a Category 4 hurricane that decimated the islands of Carriacou and Petit Martinique, which are part of Grenada and caused extensive property damage in several other Eastern Caribbean countries. Since we cannot prevent a hurricane, the typical focus of the disaster management strategies we have for our homes and organisations is ensuring our resilience. In other words, having prepared as best as we can in anticipation of the disaster, during and in its aftermath, how well can we survive? And how well and how quickly can we recover?
The same is true in the digital security space. Though we need to invest in prevention and protection, with the increasing sophistication of the threats and the threat actors, it is almost inevitable that our networks or systems will experience some kind of intrusion. However, having been compromised, can quickly can we recover to limit downtime and loss?
In the third update of our 2024 Expert Insights series, we are joined once again by Edward Millington of CariSec Global Inc., who shares his thoughts and perspective on cyber threats and security in the Caribbean region.
Introducing our guest
Edward Millington is the Founder and Managing Director of CariSec Global Inc., a Caribbean (Barbados) based company, strategically focused on providing security and ICT governance and services to organisations operating in the following sectors: financial, government, health, manufacturing, private, retail, and energy and utilities.
Edward is an Information Systems Security/ICT/Telecommunications veteran spanning two decades, where he directed organisations, leading them in the achievement of further financial goals through strategic planning, designing, and solutions direction. His specialities are Policy Development, IT and Security Governance, Information and Cyber Security Risk Management, Enterprise Defence and Security, Cybersecurity Incident Management, Malware and Attack Technologies and Security Operations. His complex skills, knowledge and experience assisted many organisations such as Internet Services Providers, ICT Service Providers, telcos, banking, government and governmental organisations in their development and services evolution. One key highlight of his veteran career was his instrumental service to the Government of Barbados, developing and enhancing its information and cyber security posture.
Insights into our conversation
As much as we have been conducting regular updates on the state of cyber threats and security in the Caribbean region over the past 12 years(!), there was an ‘a-ha moment’ in this conversation with Edward. Though we may all appreciate the vigilance required to keep our systems and networks safe, there are similarities with the role and effort a Ministry or Department of Defence plays for a government or a country.
Within the Ministry or Department of Defence construct, the overarching objective is ensuring that a country is prepared for all kinds of threats. As a result, these entities tend to operate in a hyper-vigilant state: to identify existing and potential threats as early as possible to best manage or mitigate the worst possible outcomes. However, if situations cannot be avoided, they are also prepared to manage them to limit the loss of life and property.
We ought to adopt a similar mindset for digital security: vigilance, but also being proactive about managing, containing and quickly recovering from incidents when they occur.
Below are questions posed to Edward that helped to guide the conversation.
- What has been going on regarding cybersecurity and cybercrime in Barbados? What have been the most prevalent types of incidents? And perhaps what is going on in the wider Caribbean region?
- Noting that data protection and cybersecurity support and complement each other, and Barbados’s Data Protection Act has been in force since March 2021 and there is also a Data Protection Commissioner, how is the data protection aspect working?
- Barbados has been in the process of promulgating cybercrime legislation. The Bill was passed in the House of Assembly but then sent back to a Joint Select Committee. What were some of the reasons behind that move, and where do things stand now?
- Recently, Barbados Today published a notice about a fraudulent article that was being circulated imitating its website. Though Barbados Today sought to distance itself from the article and warn users about it, what are your thoughts on this situation?
- What are your thoughts regarding the use of AI to facilitate threats and in security?
- In the past, you were especially vocal about the state of cybersecurity in the Caribbean region. What are your current observations and do you have any specific concerns?
- What are the most pressing security threats facing individuals and organisations today?
- In what area or areas should organisations be prioritising their security investment?
We would love to hear your thoughts!
Do leave us a comment either here beneath this article, or on our Facebook or LinkedIn pages, or via Twitter, @ICTPulse.
Also, if you or a member of your network is interested in joining us for an episode, do get in touch.
Let’s make it happen!
Select links
Below are links to some of the organisations and resources that either were mentioned during the episode, or otherwise, might be useful:
- Edward Millington
- CariSec Global Inc.
- ICT Pulse Podcast episode, ICTP 250: 2023 Expert Insight update on cyber threats and security in the Caribbean, with Edward Millington of CariSec Global
- ICT Pulse Podcast episode, ICTP 272: Expert insights update on cyber threats and security in the Caribbean, with Dale Joseph of CARICOM IMPACS
- Barbados Cybercrime Bill, 2024
- Barbados Today article, Expert says Cybercrime Bill not in touch with progressive jurisprudence
- The Barbados Bar Association Report to Joint Select Committee of Parliament on Cybercrime Bill, 2024
- Niel Harper blog post, Comments on the Barbados Cybercrime Bill (2023)
- Barbados Today article, A NOTICE TO OUR READERS
- UWI Five Islands AI Conference
- ISO/IEC 27001:2022, Information security, cybersecurity and privacy protection — Information security management systems — Requirements
Images credit: CariSec Global; Tima Miroshnichenko (Pexels); Amrulqays Maarof (Pixabay); Elchinator (Pixabay)
Music credit: The Last Word (Oui Ma Chérie), by Andy Narrell
Podcast Editing Support: Mayra Bonilla Lopez
