The world can be a daunting place for a small island state. To survive it must remain relevant and viable.
Therefore, as the world develops and innovates, Trinidad and Tobago must keep pace with those developments as a necessity, not a choice. That is the price that must be paid if one is to have a proverbial seat at the table. Embracing digitalisation is not an option. It is a necessity if the country is to survive and compete in the global marketplace. Indeed, it could be argued that the pace of adopting modern technological developments is too slow.
Astra Security, a privately held US and India based cyber security firm estimates that there are 2,200 cyberattacks per day or one every 39 seconds on average. Further, it estimates that a US data breach costs an average of US$9.44 million and predicts that cybercrime will cost US$8 trillion in 2023.
No organisation is secure, anywhere. Further, the firms targeted will be those whom attackers assume would be able to pay. Hence the recent successful cyberattacks on the local corporations and government offices. Major corporations everywhere have been attacked. ANSA MCal’s CEO has acknowledged that they have had a ransomware attack
Last week, the Industrial and Commercial Bank of China with assets of US$6 trillion experienced a cyberattack. In the investigatory process, it was discovered that the bank had become a significant player in the US$26 trillion treasury market. Such are the ramifications of the interconnectedness of global markets.
The US Treasury market is a well regulated market with substantial controls. There will be changes, but these will take months. It is not clear whether a ransom was paid. Investigations are continuing.
The point is hacking, cyberattacks phishing and data breaches are not new phenomena and will take place in any market. Major international corporations and governments have been breached. Therefore, organisations must deploy the best practices and keep them updated.
There are clear lessons to be learnt from the TSTT affair. One would have expected that TSTT would have a more sophisticated approach to the management of its public relations. Since TSTT is also a state enterprise and the state has taken a strong position on digitalisation, the incident has implications for how the state will manage its inevitable breaches. Hiding a breach undermines public trust and confidence.
The banking sector seems to have learnt some lessons in its management of ATM scams. There was a time when customers regularly complained that their accounts were illegally breached by criminals cloning their magnetic strip encryption system. The point is that it was too easy. That is the danger of using old technology beyond its shelf life. Criminals know how to look for vulnerabilities. Banks understood that their products needed to be upgraded and did so.
Cyberattacks have been taking place with increasing regularity against companies based in Trinidad and Tobago. What may have been a potential threat or risk is now a known vulnerability. It is not clear how much these breaches have cost.
Whatever the cost, if we are part of the global world then our systems must also operate at world-class standards. What has been the response of the firms? How are customers to be reassured? What are the opportunities? Where is the T&T Police Service (TTPS) cybercrime unit in this?