{"id":167366,"date":"2022-12-07T06:15:00","date_gmt":"2022-12-07T11:15:00","guid":{"rendered":"https:\/\/www.ict-pulse.com\/?p=167366"},"modified":"2022-12-07T06:20:26","modified_gmt":"2022-12-07T11:20:26","slug":"ictp-233-2022-expert-insight-update-on-cyber-threats-and-security-in-the-caribbean-with-obika-gellineau-of-kpmg-trinidad-and-tobago","status":"publish","type":"post","link":"https:\/\/ict-pulse.com\/2022\/12\/ictp-233-2022-expert-insight-update-on-cyber-threats-and-security-in-the-caribbean-with-obika-gellineau-of-kpmg-trinidad-and-tobago\/","title":{"rendered":"ICTP 233: 2022 Expert Insight update on cyber threats and security in the Caribbean, with Obika Gellineau of KPMG Trinidad and Tobago"},"content":{"rendered":"\n<p><em>In the final instalment in our Expert insights series\u00a0on cyber threats and security for 2022, and with Obika Gellineau of KPMG in Trinidad and Tobago, he discusses, among other things: what may have happened in the Massy Stores hacking incident; whether organisations are focusing on risk, reputation, and business continuity in how they approach cybersecurity; and three key things organisations should be doing in 2023 to improve their network\/IT security posture.<\/em><\/p>\n\n\n\n<p>&nbsp;<\/p>\n\n\n\n<iframe loading=\"lazy\" width=\"100%\" height=\"166\" scrolling=\"no\" frameborder=\"no\" allow=\"autoplay\" src=\"https:\/\/w.soundcloud.com\/player\/?url=https%3A\/\/api.soundcloud.com\/tracks\/1397807941&#038;color=%23ff5500&#038;auto_play=false&#038;hide_related=false&#038;show_comments=true&#038;show_user=true&#038;show_reposts=false&#038;show_teaser=true\"><\/iframe><div style=\"font-size: 10px; color: #cccccc;line-break: anywhere;word-break: normal;overflow: hidden;white-space: nowrap;text-overflow: ellipsis; font-family: Interstate,Lucida Grande,Lucida Sans Unicode,Lucida Sans,Garuda,Verdana,Tahoma,sans-serif;font-weight: 100;\"><a href=\"https:\/\/soundcloud.com\/user-673719274\" title=\"ICT Pulse Podcast\" target=\"_blank\" style=\"color: #cccccc; text-decoration: none;\" rel=\"noopener\">ICT Pulse Podcast<\/a> \u00b7 <a href=\"https:\/\/soundcloud.com\/user-673719274\/ictp-233-2022-expert-insight\" title=\"ICTP 233: 2022 Expert Insight update on cyber threats and security in the Caribbean, with Obika Gellineau of KPMG Trinidad and Tobago\" target=\"_blank\" style=\"color: #cccccc; text-decoration: none;\" rel=\"noopener\">ICTP 233: 2022 Expert Insight update on cyber threats and security in the Caribbean, with Obika Gellineau of KPMG Trinidad and Tobago<\/a><\/div>\n\n\n\n<p><strong>This episode is also available on <a href=\"https:\/\/soundcloud.com\/user-673719274\" target=\"_blank\" rel=\"noreferrer noopener\">SoundCloud<\/a>,&nbsp;<a href=\"https:\/\/itunes.apple.com\/us\/podcast\/ict-pulse-podcast\/id1373550291\" target=\"_blank\" rel=\"noreferrer noopener\">Apple iTunes<\/a>, <a href=\"https:\/\/playmusic.app.goo.gl\/?ibi=com.google.PlayMusic&amp;isi=691797987&amp;ius=googleplaymusic&amp;apn=com.google.android.music&amp;link=https:\/\/play.google.com\/music\/m\/Icau5acn2xiyl5yjuh7orl2mt54?t%3DICT_Pulse_Podcast%26pcampaignid%3DMKT-na-all-co-pr-mu-pod-16\" target=\"_blank\" rel=\"noreferrer noopener\">Google Play Music<\/a>, <a href=\"https:\/\/open.spotify.com\/show\/3d0U4ZYX80e5lenYLdzyX4\" target=\"_blank\" rel=\"noreferrer noopener\">Spotify<\/a>, <a href=\"https:\/\/music.amazon.com\/podcasts\/3f727ec1-de7d-416f-8bdc-31d9a911a09e\/ict-pulse-podcast\" target=\"_blank\" rel=\"noreferrer noopener\">Amazon Music<\/a> and <a href=\"https:\/\/www.stitcher.com\/podcast\/ict-pulse-podcast?refid=stpr\" target=\"_blank\" rel=\"noreferrer noopener\">Stitcher<\/a>!<\/strong><\/p>\n\n\n\n<p>In the Caribbean region and on a regular basis, there are news reports about organisations being hacked, and in some instances, data being stolen. Although the number of news reports might be just the tip of the iceberg, the situation is considerably better than it had been just a few years ago when very few incidents were made public.<\/p>\n\n\n\n<p>It thus seems that Caribbean organisations\u2019 attitude to cyber threats and security has been evolving, and it may also be argued, increasingly recognising the need for greater vigilance and investment in security. However, although there might be more awareness, security experts are concerned that basic security measures are still absent in many organisations across the region.<\/p>\n\n\n\n<p>To set us all up to be even more security-vigilant in 2023, this is the final update in our longstanding Expert Insight series on cyber threats and security. Once again, we have invited security experts, to share their knowledge and experience on network intrusion and security, generally and in the Caribbean region.<\/p>\n\n\n\n<p>&nbsp;<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Introducing our guest<\/h2>\n\n\n\n<figure class=\"wp-block-image alignright size-full is-resized\"><img data-recalc-dims=\"1\" loading=\"lazy\" decoding=\"async\" data-attachment-id=\"167367\" data-permalink=\"https:\/\/ict-pulse.com\/2022\/12\/ictp-233-2022-expert-insight-update-on-cyber-threats-and-security-in-the-caribbean-with-obika-gellineau-of-kpmg-trinidad-and-tobago\/obika-gellineau-o-gellineau\/\" data-orig-file=\"https:\/\/i0.wp.com\/ict-pulse.com\/wp-content\/uploads\/2022\/12\/Obika-Gellineau-O-Gellineau.jpg?fit=442%2C442&amp;ssl=1\" data-orig-size=\"442,442\" data-comments-opened=\"1\" data-image-meta=\"{&quot;aperture&quot;:&quot;0&quot;,&quot;credit&quot;:&quot;&quot;,&quot;camera&quot;:&quot;&quot;,&quot;caption&quot;:&quot;&quot;,&quot;created_timestamp&quot;:&quot;0&quot;,&quot;copyright&quot;:&quot;&quot;,&quot;focal_length&quot;:&quot;0&quot;,&quot;iso&quot;:&quot;0&quot;,&quot;shutter_speed&quot;:&quot;0&quot;,&quot;title&quot;:&quot;&quot;,&quot;orientation&quot;:&quot;1&quot;}\" data-image-title=\"Obika Gellineau (O Gellineau)\" data-image-description=\"\" data-image-caption=\"&lt;p&gt;Obika Gellineau&lt;\/p&gt;\n\" data-medium-file=\"https:\/\/i0.wp.com\/ict-pulse.com\/wp-content\/uploads\/2022\/12\/Obika-Gellineau-O-Gellineau.jpg?fit=300%2C300&amp;ssl=1\" data-large-file=\"https:\/\/i0.wp.com\/ict-pulse.com\/wp-content\/uploads\/2022\/12\/Obika-Gellineau-O-Gellineau.jpg?fit=442%2C442&amp;ssl=1\" tabindex=\"0\" role=\"button\" src=\"https:\/\/i0.wp.com\/fgd.dfv.mybluehost.me\/.website_c81a1e61\/wp-content\/uploads\/2022\/12\/Obika-Gellineau-O-Gellineau.jpg?resize=300%2C300&#038;ssl=1\" alt=\"\" class=\"wp-image-167367\" width=\"300\" height=\"300\" srcset=\"https:\/\/i0.wp.com\/ict-pulse.com\/wp-content\/uploads\/2022\/12\/Obika-Gellineau-O-Gellineau.jpg?w=442&amp;ssl=1 442w, https:\/\/i0.wp.com\/ict-pulse.com\/wp-content\/uploads\/2022\/12\/Obika-Gellineau-O-Gellineau.jpg?resize=300%2C300&amp;ssl=1 300w, https:\/\/i0.wp.com\/ict-pulse.com\/wp-content\/uploads\/2022\/12\/Obika-Gellineau-O-Gellineau.jpg?resize=150%2C150&amp;ssl=1 150w, https:\/\/i0.wp.com\/ict-pulse.com\/wp-content\/uploads\/2022\/12\/Obika-Gellineau-O-Gellineau.jpg?resize=440%2C440&amp;ssl=1 440w\" sizes=\"(max-width: 300px) 100vw, 300px\" \/><figcaption class=\"wp-element-caption\">Obika Gellineau<\/figcaption><\/figure>\n\n\n\n<p><strong><a href=\"https:\/\/www.linkedin.com\/in\/obikag\/\" target=\"_blank\" rel=\"noopener\" title=\"\">Obika Gellineau<\/a><\/strong> is the Cyber Services Manager in KPMG\u2019s Advisory with over 10 years of experience involving Forensics, Criminal Investigations and Information Technology. He has a Master of Science degree in Information Management from the University of Strathclyde in Glasgow. He is Security+, Cybersecurity Analyst+, Pentest+ and CASP+ certified by the Computer Information Technology Industry Association (CompTIA). He is also an Offensive Security Wireless Professional and a Certified Cryptocurrency Auditor.<\/p>\n\n\n\n<p>In his current professional capacity, Obika is the Certifications Coordinator of the Information Systems Audit Control Association (ISACA) Trinidad and Tobago Chapter and is the Communications Director for the Business Continuity Management Information Exchange (BCMIE Caribbean)<\/p>\n\n\n\n<p>Obika has held security positions in both public and private sector institutions, including the Trinidad and Tobago Forensic Science Centre, the Special Anti-Crime Unit Trinidad and Tobago (SAUTT) and First Citizens Bank Limited. During his time in the private sector, he has been instrumental in developing and implementing various projects and cybersecurity\/BCP risk methodologies that support ISO and PCI-DSS standards.<\/p>\n\n\n\n<p>At KPMG, Obika continues to design and develop cybersecurity programmes for KPMG\u2019s various clients to provide innovative solutions. You can follow him on LinkedIn where he regularly shares articles and insights into security and science-related activities.<\/p>\n\n\n\n<p>&nbsp;<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Insight into our conversation<\/h2>\n\n\n\n<p>If there is anything that this conversation with Obika drove home is how sophisticated and patient many of the intrusions are. They are not necessarily about making a buck quickly, instead, there is an emphasis on acquiring information, learning more about an organisation\u2019s operations and capitalising on its weaknesses. When intrusions are examined through that lens, the need for considerably more vigilance and comprehensive policies and procedures \u2013 which <strong>everyone <\/strong>follows \u2013 is essential.<\/p>\n\n\n\n<p>One of the observations Obika has made, which he shared with us, is that Caribbean organisations still do not focus on the \u2018people\u2019 leg of the security trifecta \u2013 people, process and technology. People, which would cover staff, are not trained in the basics of cyber security, or in the policies and procedures that they ought to be following, which in turn underpin the digital security of organisations. A point highlighted by many of our past experts is that an organisation&#8217;s employees tend to be its greatest security vulnerability, as it is unwittingly through their actions that hackers get access to networks that they can exploit.<\/p>\n\n\n\n<p>Below are a few of the questions posed to Obika during our conversation.<\/p>\n\n\n\n<ol class=\"wp-block-list\" type=\"1\">\n<li>To&nbsp;start, do tell us a little more about yourself and how you got into cyber and information security.<\/li>\n\n\n\n<li>Give us a quick recap of what has been happening in Trinidad and Tobago and\/or the wider&nbsp; Caribbean region regarding cybersecurity threats and incidents.<\/li>\n\n\n\n<li>In what areas have you observed organisations making cybersecurity investments, versus where you believe they should actually be investing?<\/li>\n\n\n\n<li>You would be aware that Massy Stores in Trinidad and Tobago experienced one or more cyber-attacks this year, which started to become public in April. At that time, they denied any intrusion occurred, but it appears that they did not they in fact had been breached until about October. What can organisations do to better detect a breach, and how should they respond?<\/li>\n\n\n\n<li>To what degree do think Caribbean organisations are focusing on risk, reputation, and business continuity in how they approach cybersecurity?<\/li>\n\n\n\n<li>What might be three (3) key things organisations should be doing in 2023 to improve their network\/IT security?<\/li>\n<\/ol>\n\n\n\n<p>&nbsp;<\/p>\n\n\n\n<p class=\"has-text-align-center\"><strong>We would love to hear from you!<\/strong><\/p>\n\n\n\n<p class=\"has-text-align-center\">Do leave us a comment either here beneath this article, or on our <a href=\"https:\/\/www.facebook.com\/ICTPulse\/\" target=\"_blank\" rel=\"noreferrer noopener\"><strong>Facebook<\/strong><\/a> or <a href=\"https:\/\/www.linkedin.com\/company\/ict-pulse-consulting-limited\/\" target=\"_blank\" rel=\"noreferrer noopener\"><strong>LinkedIn<\/strong><\/a> pages, or via Twitter, <a href=\"https:\/\/twitter.com\/ICTPulse\" target=\"_blank\" rel=\"noreferrer noopener\"><strong>@ICTPulse<\/strong><\/a>.<\/p>\n\n\n\n<p class=\"has-text-align-center\"><strong><em>Also, if you or a member of your network is interested in joining us for an episode, <a href=\"https:\/\/fgd.dfv.mybluehost.me\/.website_c81a1e61\/contact\/\" target=\"_blank\" rel=\"noreferrer noopener\">do get in touch<\/a>. <\/em><\/strong><\/p>\n\n\n\n<p class=\"has-text-align-center\"><strong><em>Let\u2019s make it happen!<\/em><\/strong><\/p>\n\n\n\n<p>&nbsp;<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"select-links\">Select links<\/h2>\n\n\n\n<p>Below are links to some of the organisations and resources that either were mentioned during the episode or otherwise, might be useful:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><a href=\"https:\/\/www.linkedin.com\/in\/obikag\/\" target=\"_blank\" rel=\"noopener\" title=\"\">Obika Gellineau<\/a><\/li>\n\n\n\n<li><a href=\"http:\/\/www.kpmg.com\/tt\" target=\"_blank\" rel=\"noopener\" title=\"\">KPMG in Trinidad and Tobago<\/a><\/li>\n\n\n\n<li><a href=\"https:\/\/gdg.community.dev\/events\/details\/google-gdg-port-of-spain-presents-defest-caribbean-2022-port-of-spain\/\" target=\"_blank\" rel=\"noopener\" title=\"\">DeFest Caribbean 2022 &#8211; Port-of-Spain<\/a><\/li>\n\n\n\n<li>Trinidad Express Newspapers article, <a href=\"https:\/\/trinidadexpress.com\/news\/local\/cops-investigate-m-lake-asphalt-cyber-heist\/article_67011b70-0de3-11ec-8b60-03334ad6a536.html\" target=\"_blank\" rel=\"noopener\" title=\"\"><em>Cops investigate $m Lake Asphalt cyber heist<\/em><\/a><\/li>\n\n\n\n<li>Kaspersky book, <a href=\"https:\/\/media.kasperskycontenthub.com\/wp-content\/uploads\/sites\/43\/2018\/03\/08064518\/Carbanak_APT_eng.pdf\" target=\"_blank\" rel=\"noopener\" title=\"\"><em>CARBANAK APT THE GREAT BANK ROBBERY<\/em><\/a>&nbsp;<\/li>\n\n\n\n<li>Europol article, <a href=\"https:\/\/www.europol.europa.eu\/media-press\/newsroom\/news\/mastermind-behind-eur-1-billion-cyber-bank-robbery-arrested-in-spain\" target=\"_blank\" rel=\"noopener\" title=\"\"><em>Mastermind behind EUR 1 billion cyber bank robbery arrested in Spain<\/em><\/a><\/li>\n\n\n\n<li>The Guardian article, <a href=\"https:\/\/www.theguardian.com\/games\/2022\/sep\/19\/grand-theft-auto-6-leak-who-hacked-rockstar-and-what-was-stolen\" target=\"_blank\" rel=\"noopener\" title=\"\"><em>Grand Theft Auto 6 leak: who hacked Rockstar and what was stolen?<\/em><\/a><\/li>\n\n\n\n<li>Massy Stores media release, &nbsp;<a href=\"https:\/\/massystorestt.com\/media-release-cyber-attack-identified-as-cause-of-technical-shutdown\/\" target=\"_blank\" rel=\"noopener\" title=\"\"><em>Cyber attack identified as cause of technical shutdown<\/em><\/a><\/li>\n\n\n\n<li>Trinidad Express Newspapers article, <a href=\"https:\/\/trinidadexpress.com\/news\/local\/cyber-attack\/article_5c6a5630-c75c-11ec-864f-a3b8b0a35add.html\" target=\"_blank\" rel=\"noopener\" title=\"\"><em>CYBER ATTACK<\/em><\/a><\/li>\n\n\n\n<li>Loop Trinidad and Tobago article, <a href=\"https:\/\/tt.loopnews.com\/content\/massy-stores-confident-data-was-not-breached-misused-cyberattack\" target=\"_blank\" rel=\"noopener\" title=\"\"><em>Massy Stores confident data was not breached, misused in cyberattack<\/em><\/a><\/li>\n\n\n\n<li>TechNewsTT article, <a href=\"https:\/\/technewstt.com\/hive-ransomware-cyberattack-massy\/\" target=\"_blank\" rel=\"noopener\" title=\"\"><em>Updated: Hive Ransomware goes public on Massy Stores infiltration<\/em><\/a><\/li>\n\n\n\n<li>Trinidad and Tobago Guardian article, <a href=\"https:\/\/guardian.co.tt\/business\/massy-stores-investigates-6.2.1559871.0964fb7fdf\" target=\"_blank\" rel=\"noopener\" title=\"\"><em>Massy Stores investigates cyber attack information leak<\/em><\/a><\/li>\n\n\n\n<li>Trinidad and Tobago Newsday article, <a href=\"https:\/\/newsday.co.tt\/2022\/10\/31\/stonewalling-silence-over-data-breaches\/\" target=\"_blank\" rel=\"noopener\" title=\"\"><em>Stonewalling &amp; silence over data breaches<\/em><\/a><\/li>\n<\/ul>\n\n\n\n<p>&nbsp;<\/p>\n\n\n\n<p>&nbsp;<\/p>\n\n\n\n<p><em>Images credit:\u00a0 O Gellineau;\u00a0 Gerd Altmann (<a href=\"https:\/\/pixabay.com\/\" target=\"_blank\" rel=\"noopener\" title=\"\">Pixabay<\/a>);  kat wilcox (<a href=\"http:\/\/pexels.com\/\" target=\"_blank\" rel=\"noopener\" title=\"\">Pexels<\/a>);\u00a0 <a href=\"https:\/\/www.freepik.com\/\" target=\"_blank\" rel=\"noopener\" title=\"\">Freepik<\/a><\/em><\/p>\n\n\n\n<p><em>Music credit: The Last Word (Oui Ma Ch\u00e9rie), by Andy Narrell<\/em><\/p>\n\n\n\n<p><em>Podcast editing support:&nbsp; Mayra Bonilla Lopez<\/em><\/p>\n\n\n\n<p>&nbsp;<\/p>\n","protected":false},"excerpt":{"rendered":"<p>In the final instalment in our Expert insights series on cyber threats and security for 2022, and with Obika Gellineau of KPMG in Trinidad and Tobago, he discusses, among other things: what may have happened in the Massy Stores hacking incident; whether organisations are focusing on risk, reputation, and business continuity in how they approach cybersecurity; and three key things organisations should be doing in 2023 to improve their network\/IT security posture.<\/p>\n","protected":false},"author":2,"featured_media":167368,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_et_pb_use_builder":"off","_et_pb_old_content":"","_et_gb_content_width":"","om_disable_all_campaigns":false,"_exactmetrics_skip_tracking":false,"_exactmetrics_sitenote_active":false,"_exactmetrics_sitenote_note":"","_exactmetrics_sitenote_category":0,"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":true,"jetpack_social_options":{"image_generator_settings":{"template":"highway","enabled":false},"version":2}},"categories":[355],"tags":[71,105,357,15],"class_list":["post-167366","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-podcast","tag-businesses","tag-cybercrimecybersecurity","tag-interviews","tag-trends","et-has-post-format-content","et_post_format-et-post-format-standard"],"jetpack_publicize_connections":[],"aioseo_notices":[],"jetpack_sharing_enabled":true,"jetpack_featured_media_url":"https:\/\/i0.wp.com\/ict-pulse.com\/wp-content\/uploads\/2022\/12\/Featured-Image-\u2013-Obika-Gellineau.jpg?fit=1024%2C576&ssl=1","jetpack_shortlink":"https:\/\/wp.me\/p2iE1G-Hxs","jetpack-related-posts":[],"_links":{"self":[{"href":"https:\/\/ict-pulse.com\/wp-json\/wp\/v2\/posts\/167366"}],"collection":[{"href":"https:\/\/ict-pulse.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/ict-pulse.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/ict-pulse.com\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/ict-pulse.com\/wp-json\/wp\/v2\/comments?post=167366"}],"version-history":[{"count":4,"href":"https:\/\/ict-pulse.com\/wp-json\/wp\/v2\/posts\/167366\/revisions"}],"predecessor-version":[{"id":167378,"href":"https:\/\/ict-pulse.com\/wp-json\/wp\/v2\/posts\/167366\/revisions\/167378"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/ict-pulse.com\/wp-json\/wp\/v2\/media\/167368"}],"wp:attachment":[{"href":"https:\/\/ict-pulse.com\/wp-json\/wp\/v2\/media?parent=167366"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/ict-pulse.com\/wp-json\/wp\/v2\/categories?post=167366"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/ict-pulse.com\/wp-json\/wp\/v2\/tags?post=167366"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}