Caribbean trails global trend in automation

A technology trend known as automation could be a game-changer for developing regions, but the Caribbean is trailing global adoption.

Across the industry, the automation of network configuration and network management is already bringing tangible benefits, such as lower operating costs and centralised security. But Caribbean adoption rates have lagged behind global averages, and the promise of automation remains largely unfulfilled in the region.
 

Read More

Caribbean Banks See Rise in Cyber Attacks

Imagine doing a routine check on your bank account only to discover that an entire month’s worth of credit had been swiped from your card. The nightmare became reality for one elderly Belizean couple, who fell victim to identity theft.
 
For Alejandro and Leandra Chulin, the story started five years ago with a troubling phone call from their son, who was at the time studying abroad. He had been trying to use their credit card but couldn’t. A few quick checks with the bank confirmed their worst fears. Someone had already maxed out the limit, racking up enough purchases to leave the Chulins in the hole to the tune of several hundreds.

Read More

Time for Caribbean To Be Better Prepared for Cyber War

Large, well-funded and highly organized crime syndicates are behind many of the cybercrimes taking place in the Caribbean. And regional governments and security agencies are challenged to respond.  

“Today's cybercriminal is no longer just a computer geek looking to see what mischief he can create. Modern cybercriminals are increasingly being employed, trained and resourced by transnational crime syndicates,” said Sean Fouché, Information and Communications Technology Manager at CARICOM IMPACS, an agency responsible for regional crime and security.

Read More

Caribbean courts need to be better prepared to judge cybercrimes

Judicial Education urgently needed, says Belize Chief Justice

By GERARD BEST

  CAPTION: Chief Justice of Belize, Kenneth Benjamin, speaks on the opening day of the country’s first-ever national symposium on cyber security, held at Best Western, Biltmore Plaza, Belize City from April 24 to 28, 2017. Photo courtesy Caribbean Network Operators Group.

CAPTION: Chief Justice of Belize, Kenneth Benjamin, speaks on the opening day of the country’s first-ever national symposium on cyber security, held at Best Western, Biltmore Plaza, Belize City from April 24 to 28, 2017. Photo courtesy Caribbean Network Operators Group.

 

Institutions worldwide are finding it hard to keep up with the rapid pace of advance in computer-based technology. This is all the more so for courts, which are typically steeped in tradition and ponderously slow to change. Globally, systems of justice are struggling to keep track of the sophisticated, rapidly evolving operations of modern cyber crime. 

 

But one Caribbean nation is tackling the issue head on, providing an interesting pattern for other countries of the region. The nation of Belize is taking an important step in responding to cybercrime, by upgrading of the capacity of its judiciary.

 

“Cybercrime and cyber issues must now have a prominent place in judicial education,” said Kenneth Benjamin, Chief Justice of Belize. 

 

In Belize, the legislative framework already supports the admission of evidence electronically. However, no laws are yet on the books to specifically criminalise the growing incidence of Internet-based wrongdoings. 

 

A cybercrime bill is expected to come into force soon, though. With that impending legislation, the Chief Justice plans to fast track judicial education, focusing on technology developments generally and cybercrime specifically.

 

“The introduction of new laws must be accompanied by the development of policy and of regulations guiding the detection, investigation and prosecution of any alleged cyber misdeeds,” Benjamin said, adding that only a few judicial officers had already received cybercrime training to date.

 

The Chief Justice was speaking at Belize's first-ever national cybersecurity symposium, held in Belize City from April 24 to 28.

 

A special forum at the event included judicial officers and magistrates and focused on how cybercrime has been affecting the judiciary globally. 

 

The weeklong gathering was organised jointly by Belize's Public Utilities Commission and by the Caribbean Network Operators Group, a volunteer-based organisation focused on training programs to build the region’s technical capabilities and safeguard computer networks.

 

"This event marks an important milestone for the region's judiciary, and signals a new collaboration between Caribbean jurists and the region's technology community," said Bevil Wooding, a co-organiser of the event and an Internet Strategist with US-based non-profit firm, Packet Clearing House. 

 

The symposium drew nationwide attention, with more than 700 stakeholders taking par, including members of the Bar Association, military and law enforcement officers, representatives of the business chamber, the Central Bank, the association of ICT professionals, and many concerned citizens.

 

"The forum marks the beginning of a process of sensitisation, and we plan to continue collaborating with the CaribNOG team to develop future training interventions for our jurists,” Benjamin said. 

 

CAPTION: Chief Justice of Belize, Kenneth Benjamin, speaks on the opening day of the country’s first-ever national symposium on cyber security, held at Best Western, Biltmore Plaza, Belize City from April 24 to 28, 2017. Photo courtesy Caribbean Network Operators Group.

Guarding the Digital Gates - Belize to Host First National Cybersecurity Symposium

BELIZE CITY, Belize—In response to a growing incidence of cyber-threats, Belize will host its first national cyber security symposium from April 24 to 27.

“We have observed a disturbing rise in threats to critical network infrastructure, corporate networks and personal data. These threats are growing more frequent, more sophisticated and more harmful each year,” said John Avery, Chairman of the Belize Public Utilities Commission (PUC), which is jointly organising the event with the Caribbean Network Operators Group (CaribNOG).

Read More

Belize launches Caribbean’s latest Internet Exchange Point

APRIL 28, 2016. BELIZE CITY—The Belize Public Utilities Commission announced that Belize’s first Internet exchange point, named BIXP, was successfully launched in Belize City on April 27 at the campus of the University of Belize.

The launch was the culmination of unprecedented collaboration between Belizean Internet Service Providers (ISPs) in the highly competitive local telecommunication sector. The Belize Public Utilities Commission, the national regulator, facilitated the process, with support from regional and international agencies.

Read More

Securing Your Business

5 Leading causes of computer security breaches and what can be done to defend your corporate networks

by Bevil Wooding

Security breaches involving computer networks have been making headlines with frightening regularity. Yet despite several high-profile stories about network hacks, distributed denial-of-service (DDoS) attacks and data theft, many businesses remain unprepared or improperly protected from today’s security threats.

Growing Threat

Each new technology seems to be escorted by a new security threat and no organization is immune. In fact, even though small- to midsized businesses (SMB) don't have the luxury of dedicated information security teams and resources that larger enterprises can afford, they still face many of the same threats.

The harsh reality is that network security threats are becoming increasingly sophisticated as computer hackers become better funded and better organized. This presents a real challenges for IT professionals and network administrators. A recent Trustwave State of Risk Report, which surveyed IT professionals about security weaknesses, found that a majority of businesses had no or only partial systems in place for controlling and tracking sensitive data.

Defending Corporate Networks

So, what can companies do to better protect themselves and their customers’, sensitive data from security threats?

The experts at the Caribbean Network Operators Group, CaribNOG, have been looking at the issue of network security and specifically at the threats to Caribbean networks. Following are the five of the most common sources, or causes, of security breaches and what businesses can, and should, do to protect against them.

Risk 1: Internal Vulnerabilities

“Internal attacks are one of the biggest threats facing corporate data and systems,” states Stephen Lee, CEO of ArkiTechs Inc., an IT services firm specializing in IT security audits. “Disgruntled or disaffected employees, especially IT officers with knowledge of and access to corporate networks and administrative accounts, can cause major damage, measured in dollars, lost trust and a tarnished brand,” Lee says.

Solution: Companies should implement the both the protocols and the infrastructure to track, log and record privileged account activity. This can allow for a quick response to malicious activity and mitigate potential damage early in the attack cycle. The foundation for this is the input from business and technology managers to ensure that these security controls are adequate relative to risk and business priorities. IT departments, as well, must constantly evaluate internal security measures and policies to identify any shortcomings that may be exposing the company to risk.

Risk 2: Mobile Devices

According to a BT study, mobile security breaches have affected more than two-thirds (68 percent) of global organizations in the last 12 months.

“More employees are using their mobile devices to access corporate systems, like email, file servers and virtual private networks.  Loss, theft or even hacking of these devices via malware or other Trojan software can present a significant threat to corporate networks,” says Steve Spence, Managing Director at Data Shield, a Trinidad-based network security firm.

Solution: Make sure you have a carefully spelled out mobile security policy. With a mobile device policy, an a Bring-Your-Own-Device (BYOD) policy in place, employees can be better sensitized about device expectations and organizations can better monitor email, documents and other digital assets that are being downloaded to company or employee-owned devices. Effective monitoring provides companies with greater visibility into mobile data-loss risks, and enables them to quickly address exposures if mobile devices are lost, stolen or compromised.

Risk 3: Unpatched Devices

“Network devices, such as routers, servers and printers employ software or firmware in their operation. Too often, updates and security patches are not implemented in a timely manner,” says Robin Ryan¸ Network Administrator at Teleios Systems. “This can leave security holes in your network that can be exploited by attackers to gain access to your data or control of critical processes.”

Solution: Institute a patch management program to ensure that devices, and software, are kept up to date at all times. More importantly, is enforce of a policy that whereby if a certain piece of equipment is not or cannot be updated or patched within a certain amount of time, it is taken offline.

Risk 4: Cloud Applications

“As cloud computing becomes more ubiquitous in the business setting, corporate decision makers and IT professionals must take deliberate steps to become more sensitive to the real risks of cloud computing security,” according to Brent McIntosh, Network Specialist Data at Cable and Wireless and a peering coordinator at the Grenada Internet Exchange Point.

There are several cloud-related risks organizations are exposed to, including data loss, data leakage and account hijacking. The prospect of seeing your organization’s valuable data disappear into the ether is real. Cloud computing also creates the real possibility of an attacker gains access to administrative credentials, which they can use to eavesdrop on activities and transactions, pilfer intellectual property, manipulate data or even redirect your users to illegitimate sites.

Solution: It is imperative that organizations identify precisely where the greatest cloud-related threats lie, and take decisive steps to mitigate against it. One of the best defenses against a cloud-based threat is to using strong encryption to prevent unauthorized third parties from accessing the data in the cloud.

Risk 5: Careless or Uninformed Users

“An absent minded worker who forgets his unlocked smartphone in a restaurant is as dangerous as a disgruntled user who maliciously leaks corporate information or sabotages computer systems,” says Clair Craig, Enterprise Applications Support Manager at the University of the West Indies. “Employees who are not trained in or constantly sensitized to security best practices pose an enormous security threat to their employers’ systems and data,” Craig added.

Using weak passwords, visiting unauthorized websites, clicking on links in suspicious emails or opening malicious email attachments are some of the common actions of careless or uninformed users.

Solution: “Training, education and supporting policy are key to sensitizing employees on cyber security best practices and changing default behavior. Some employees simply may not know how to protect themselves online, which can put your business at risk, Craig explained.

Regular training sessions can go a long way to helping employees learn how to serve as main line of defense against corporate threats.  Basic action like managing strong passwords and avoiding hacks like phishing and email related scams help keep corporate networks secure. Organizations should also provide ongoing support to make sure employees have the resources they need.

Bevil Wooding is a founding member of the Caribbean Network Operators Group, CaribNOG (www.caribnog.org), a volunteer-based group of Caribbean IT professionals, security specialists and network administrators. He is also an Internet Strategist with Packet Clearing House (www.pch.net) an international research and capacity building non-profit organization. Follow on Twitter: @bevilwooding