{"id":4032,"date":"2012-06-01T08:29:42","date_gmt":"2012-06-01T13:29:42","guid":{"rendered":"http:\/\/www.ict-pulse.com\/?p=4032"},"modified":"2013-02-06T09:36:24","modified_gmt":"2013-02-06T14:36:24","slug":"escalating-cyber-security-up-the-political-agenda","status":"publish","type":"post","link":"https:\/\/ict-pulse.com\/2012\/06\/escalating-cyber-security-up-the-political-agenda\/","title":{"rendered":"Escalating cyber security up the political agenda"},"content":{"rendered":"

In the final day of the CTU-organised 10th<\/span>\u00a0Ministerial Seminar, the discussions sought to galvanise Caribbean countries to more decisive action on cyber security.<\/em><\/p>\n

\"\"<\/a>Wednesday, 30 May, day 2 and the last day of the 10th<\/span>\u00a0Ministerial Strategic Seminar, hosted by the Caribbean Telecommunications Union (CTU)<\/a>, focussed almost exclusively on cyber security, which the organisation believes is a critical issue yet to be decisively addressed in the region. Moreover, the experts in our three-part series on cyber security and threats (who were from Barbados<\/a>, Jamaica<\/a> and Trinidad and Tobago<\/a>), all corroborated this view that cyber crime is highly prevalent in the Caribbean. Hence Wednesday\u2019s session sought not only to highlight the current situation, but also to provide some strategies that countries could explore and implement.<\/p>\n

The danger is real and very sophisticated<\/h3>\n

To kick off the day\u2019s proceedings, the attendees, who comprised primarily Caribbean Ministers with responsibility for telecoms and\/or ICT, and public and private sector technocrats, got some insight into current challenges and frameworks in the OAS and UK, from representatives from CICTE (Inter-American Committee against Terrorism)<\/a> and SOCA (Serious Organised Crime Agency)<\/a>, respectively. A key point of note from Andrew Auld, Cyber Intelligence Manager at SOCA, is the fact that the advances in technology and the Internet is causing cyber crime to become more organised and structured. For example he noted that many of the more successful cyber crime groups have established hierarchical structures to oversee and vet the quality of the coding that is being prepared by its members, who are all anonymous (See Figure 1). \u00a0Mr. Auld also highlighted that cyber crime has become commoditised. For example, it is possible to purchase online bulk data on compromised credit cards, to off the shelf and custom designed malware and attack systems.<\/p>\n

\"\"<\/a>

Figure 1: Typical structure of a well organised cyber crime syndicate (Source: ICT Pulse)<\/p><\/div>\n

In a panel discussion that followed, Gregory Richardson of 1337 \u201cLeet\u201d Networks Inc.<\/a> sought to disabuse Caribbean governments of the frequently made argument that due to their countries\u2019 small size and relative insignificance, they were under the radar of cyber criminals. He thus emphasised the disconnect that exists between the extensive marketing and promotion that those very same countries do to facilitate trade and investment (e.g. in tourism), while still believing that they can maintain some degree of obscurity.<\/p>\n

Similarly, John Curran of the American Registry of Internet Number (ARIN)<\/a> noted that the absence of structures to address cyber crime and security could place countries in the untenable position of not only being subject to attacks, but also the source of attacks. However, taking the argument further, Mr. Richardson indicated that as a region, and as individual states, the Caribbean could be used as pivot (or jump-off) points to attack our strategic or key trading partners, such as the US, UK, Canada and Europe.<\/p>\n

What can countries do moving forward?<\/h3>\n

However, in the midst of the concern and urgency the participating experts were expressing, Hon. Carolyn Seepersad-Bachan, CTU President and Minister for Public Administration in Trinidad and Tobago, proffered an explanation into the challenges governments might be facing in addressing cyber security. The perceived lack of focus on cyber security by many governments might be due, in large part, to its crosscutting nature and a fragmentation of effort from several ministries with overlapping responsibilities for cyber security. For example, in addition to telecoms and ICT ministries, which could be separate agencies, ministries of national security, public administration and law enforcement may also have a mandate to tackle cyber security. The Hon. Minster therefore suggested that countries could benefit from centralising the responsibility and resources for cyber security, which would provide a more coherent and coordinated framework through which to act.<\/p>\n

Throughout the day, many of the featured speakers highlighted a number of opportunities available to countries in the region, along with insights that could be considered or implemented when advancing their cyber security agenda. They included:<\/p>\n