Caribbean News Now!

About Us Contact Us


Jump to your country or territory of interest

Advertise with us

Reach our daily visitors from around the Caribbean and throughout the world. Click here for rates and placements.


Submit news and opinion for publication


Click here to receive our daily regional news headlines by email.


Click here to browse our extensive archives going back to 2004

Also, for the convenience of our readers and the online community generally, we have reproduced the complete Caribbean Net News archives from 2004 to 2010 here.

Climate Change Watch

The Caribbean is especially vulnerable to rising sea levels brought about by global warming. Read the latest news and information here...

Follow Caribbean News Now on Twitter
Connect with Caribbean News Now on Linkedin

News from the Caribbean:

Back To Today's News

Commentary: Why cyber-security is critical in business risk management
Published on June 28, 2017 Email To Friend    Print Version

By Deon Olton

The cyber threat picture becomes more challenging, with attacks against both public and private sectors organization. Cyber threats are continually evolving, becoming more sophisticated and harder to both prevent and detect.

Deon Olton is a UWI graduate and certified IT security practitioner. He has developed proactive plans to address the growing cyber security threats to the Caribbean region’s economies.
Your organization has possibly experienced some type of a cyber incident, whether it was a virus infected computer, mail servers bombarded by phishing and spam email or even some variant of malware or ransomware. The typical symptoms are IT technicians pacing up and down the company trying to contain the recent infestation or instructions from your system administrators to update your antivirus and run a complete scan on your computer.

With the severity and frequency of these threats increasing, the senior management of all companies needs to make cyber-security, also referred to as information security, as a top priority for their business survival.

First off cyber-security must be viewed by senior management as a business continuity issue and by extension a major risk management concern. Cyber-security doesn’t just relate to the technical configuration of systems but also promotes positive behavioral change within an organization as it has the potential to secure the future of a business.

In addition, if we take a look at the top ten issues that affect the survivability of any business, four of these issues are directly related to IT risk because IT has become a core business function and enabler. This necessitates a proactive plan to address cyber and IT risk in all operations. Cyber-security is a risk management issue, not an IT matter.

As a result cyber threat expertise isn't a prerequisite for corporate board members, but corporate boards and senior management should have access to expertise who can define how cyber affects their companies overall operations. Cybercrime has become the primary motivation behind cyber-attacks in the Caribbean. Therefore, from a risk management perspective, do you know where your business stands in terms of its cyber-security preparedness? Do you know the impact of a cyber-attack on your organization?

Take for example an accounts receivable or point-of-sales system being offline due to a targeted attack. How much sales revenue will you lose or not be able to collect for each hour or day your systems are offline? Do you know if your organization might be leaving doors wide open for cyber criminals to come right in?

Now, if you are unsure of your company’s level of preparedness, your organization is likely in a higher risk area when it comes to potential cyber incidents. If your organization lacks formally documented policies and procedures regarding security the level of risk and the potential of exploitation in the form of a cyber breach is very high.

As a best practice, we recommend that cyber-security is added as a key area of concern in all organization whether private or public sector. Special attention should be place on identifying the areas of risk and the remediation that can be applied to minimize a potential breach.

The management of operational information security risks, that is, the ability of your organization to function unimpeded or with minimal disruption because of a cyber incident is possible. Information security risk awareness and mitigation does contribute to a safer work environment, removes obstacles to operational functionality but necessitates a logical step-by-step easy to follow process that will enable the organization to continue its business.

To achieve this level of preparedness all organizations should carry out risk assessments to infrastructure and critical data, and develop mitigation or remediation plans. Finding your weak spots and fixing them before you have a meltdown is critical.

Business reputations are difficult to buildup and yet can so easily be tarnished but a proactive approach many times outside of the glare of your customers and the news media makes the difference.

So, if we look at organizations who have been hit by the latest and most vicious viruses and malware attacks, it’s always the companies who conduct risk assessment, remediate and train their staff that tend to experience minimal impact.

The recent 'meltdown' of British Airways computers in May 2017 is evidence of the importance of a good risk assessment program. Whether you believe the cause of the outage was an 'electrical surge' or not, the impact on the airline was severe and costly. In this age of sophisticated surge protection options and other advances, this solution seems obvious and well within the airline's financial reach. Was management aware of the risk? Was management aware of the potential impact?

A comprehensive information systems risk analysis would certainly have highlighted these issues, the remediation necessary, the reputational loss, and financial impact.
Reads: 4825

Click here to receive daily news headlines from Caribbean News Now!



No comments on this topic yet. Be the first one to submit a comment.


As a result of our comments feature being overtaken in recent weeks by spammers using fake email addresses, producing a large number of bounced verification emails each day, we have reluctantly decided to suspend the comments section until further notice.

User comments posted on this website are the sole views and opinions of the comment author and are not representative of Caribbean News Now or its staff. Caribbean News Now accepts no liability and will not be held accountable for user comments.
Caribbean News Now reserves the right to remove, edit or censor any comments. Any content that is considered unsuitable, unlawful or offensive, includes personal details, advertises or promotes products, services or websites or repeats previous comments will not be approved.
Before posting, please refer to our Terms of Use and Privacy Policy.

Other Headlines:

Regional Sports: