In the second instalment of our Expert Insights series on cyber threats and security for 2026, Lieutenant Colonel Godphey Sterling of the Cyber Incident Response Team (CIRT) Division in the Office of the Prime Minister in Jamaica, joins us once again. During this conversation, the Colonel shares his thoughts on, among other things: the changes in the Jamaican threat landscape that have occurred since our last conversation in 2025; how the CIRT Division is integrating cyber incident response with natural disaster response planning; the five-year project that is being implemented to strengthen Jamaica’s cybersecurity capacity; whether the cybersecurity gap is wider in government agencies or private sector organisations; and three things organisations should be doing in 2026 to improve their network/IT security.

 

This episode is also available on SoundCloud, Apple Podcasts, Spotify and Amazon Music.

If the news reports over the past year are to be believed, Jamaica and the Caribbean are facing a rapidly escalating number of cyber threats. According to the global cybersecurity firm Fortinet, “the English-speaking Caribbean experienced 325 million cyberattack attempts in 2025“ (Source Our Today). As a result, and looking ahead to 2026, there was an urgent need for organisations to strengthen their defences.

Based on the earlier conversations we have had so far this year as part of our Expert Insights series, it appears that a novel type of threat has not emerged. Ransomware and phishing are still the top threats in the Caribbean region, but attack volumes have increased and have become even more sophisticated, as the threat actors leverage AI and automation.

In this, the third instalment of the Expert Insights series for 2026, our focus Jamaica, which in 2025 reportedly experienced46.7 million cyberattack attempts and had 7 million active scans detected (Source Our Today).

 

Introducing our guest

Lieutenant Colonel (Retired) Godphey Sterling

Lieutenant Colonel Godphey Sterling served in the Jamaica Defence Force (JDF) for more than 24 years in a number of staff and command roles. During that time, he worked with the MITRE Corporation and US Southern Command (SOUTHCOM) to create the Caribbean Information Sharing Network (CISN) in 1998 and served as the head of its technical working group (TWG) until 2007. He also led, or participated in, the project teams that were responsible for all major technology changes in the JDF between 1998 and 2019.

As Director of the Cyber Incident Response Team (CIRT) Division in the Office of the Prime Minister, he has day-to-day responsibility for governance, risk and compliance within Jamaica’s Cyber ecosystem. He manages the National Security Operations Centre (NSOC) and the Jamaica Cyber Incident Response Team (JaCIRT), providing world-class vulnerability and crisis management as well as incident response. He and his team triage, categorise, refer, respond to and document cyber incidents in Jamaica.

Among his qualifications, Col Sterling holds certificates in Cybersecurity from the US Army War College, George Marshall Centre for Security Studies, and Carnegie Mellon University, a Diploma in Systems Automation from the US Army Signal School, a Bachelors degree, with honours, in Computer Science (University of Technology, Jamaica) and Master’s Degrees in Defence Studies from the Royal Military College of Canada and Cybersecurity from Universidad Isabel I, Madrid, Spain. He also holds certifications from the IEEE in the management of Cybersecurity in the Energy Sector and from the United Nations in the transformation of Digital Governments to Smart Governments.

With nearly three decades spent in various ICT and Cyber-related roles, he is a respected authority on Cybersecurity Regionally and internationally. An avid reader and sports enthusiast, he enjoys the outdoors, as well as solitude and a good book.

 

Insights into our conversation

Against the backdrop of the continued growth in cyber incidents in Jamaica, Colonel Sterling and the CIRT have been fighting the good fight. In the aftermath of Hurricane Melissa, which devastated western parishes in October 2025, and the upsurge in fraudulent websites to accept donations, there is a heightened sense of the “cyber-physical nexus” that exists but is frequently overlooked.

At the same time, the CIRT is operating in an environment where the pipeline of suitable talent is weak, and Jamaica’s cybersecurity framework has not had a significant update since the CIRT Division was established over a decade ago. To that end, a comprehensive suite of initiatives has been tabled, ranging from capacity building in schools to the development of cybersecurity laws to strengthen Jamaica’s cybersecurity posture for years to come.

Below are key questions posed to the Colonel during our conversation.

  1. Can you give us a sense of the current state of the cyber threat landscape in Jamaica and/or the wider Caribbean region and how it has changed since we spoke last year, in 2025?
  2. Following Hurricane Melissa, fraudulent donation websites and a broad range of cyber exploitation emerged. How is the CIRT Division integrating cyber incident response with natural disaster response planning?
  3. You announced a five-year project to strengthen Jamaica’s cybersecurity capacity in September 2025. What are the key milestones, and how will success be measured?
  4. With cyber threats targeting everything from hospitals to financial systems to government services, which sectors are most vulnerable in Jamaica, and are there specific protections that are being prioritised?
  5. Where is the cybersecurity gap wider—government agencies or private sector organisations—and why?
  6. The updated CARICOM Cyber Security and Cybercrime Action Plan, launched in October 2025, added “Incident Response” as a new pillar. How is Jamaica leading or supporting regional implementation, and what’s the biggest barrier to harmonised cybersecurity legislation across CARICOM states?
  7. How does the EU’s Caribbean cybersecurity initiative align with Jamaica’s priorities, and is any specific support being provided?
  8. What are the biggest cybersecurity challenges faced by organisations today?
  9. What might be three (3) key things organisations should be doing in 2026 to improve their network/IT security?

 

We would love to hear your thoughts!

Do leave us a comment either here beneath this article, or on our Facebook or LinkedIn pages, or via Twitter, @ICTPulse.

Also, if you or a member of your network is interested in joining us for an episode, do get in touch.

Let’s make it happen!

 

Select links

Below are links to some of the organisations and resources that were mentioned during the episode, or otherwise, might be useful:

 

 

Images credit:  CIRT Division;  Freepik; DC Studio (Freepik);  Freepik

Music credit: The Last Word (Oui Ma Chérie), by Andy Narrell

Podcast editing support: Mayra Bonilla Lopez