Cybersecurity is National Security

Philipsburg - Cybersecurity, the practice of protecting devices, systems, and data is a foreign concept to many. It’s an idea that has been popularized through cinema and real-world data breaches. Data is not just zeros and ones seen in movies. Data can be personal - birth date, mobile number, home address, banking information, and more are examples of data that can be taken during a cybersecurity breach. The average person does not actively think about Cybersecurity protection daily. We sign up for services such as Netflix, gaming services, and household services such as utilities by providing personal information. Many rarely ask themselves “How safe is my information in the service providers’ servers?”

Clicking on random links sent to emails, visiting poorly secured websites, and downloading movies from unsecured sites are common ways that persons get their information stolen. Recent events on the island have shown us that it is something that we should be more aware of. Information is valuable to bad actors. Data breaches can happen from multiple avenues which include workstation computers, personal computers, mobile phones, and any other devices that are connected to the internet. It is referred to as “the Internet Of Things (IoT)” which is the network of physical devices embedded with sensors, network connectivity, and software to collect and share data. This makes it more important for the public to know what common threats look like so that they can better protect themselves and avoid data breaches. Knowing how to identify a suspicious email, not clicking on random weblinks, and avoiding unsecure websites. Raising awareness about what digital threats look like can help significantly reduce the chances of persons being affected by online scammers and hackers. Password strength and management is another area where vulnerabilities arise. The use of password vaults such as Bitwarden, which is a password vault app that allows you to store your various passwords in one secure place, is a solution to having to write down your password. Password vaults also enable users to lessen the number of times that they click forgot password to change a forgotten password.

Cybersecurity threats are increasing among Small Developing Island States (SDIS) in the Caribbean with attacks and breaches affecting key infrastructure. There’s an increase because although crime doesn’t pay, cybercrime does - it is very lucrative for some criminals. Trinidad and Tobago recently reported that a regional logistics company, Aeropost, experienced a data breach that resulted in the cancellation of customers’ credit cards. Telecommunication Services of Trinidad & Tobago (TSTT) also reported a cyberattack that resulted in the disclosure of several gigabytes of its data on the dark web. e Jamaican Cyber Incident Team (Ja-CIRT) that several industries were affected by data exfiltration and disclosure to the dark web within the last two (2) years. The range of affected industries included hospitality, investment, wholesalers, and insurance companies.

The reality is that gaining access to the resources needed to commit a cyber-attack are readily available to anyone that knows where to look. Ransomware As A Service (RaaS) is a subscription-based service on the dark web that provides users with the necessary files, links, and resources needed to breach servers. St. Maarten, as a Small Developing Island State (SDIS), must be proactive about improving our compliance with cybersecurity industry standards to have a chance at securing information from modern threats. We trust our government to protect our personal information from unauthorized access. Having representatives that understand the proactive nature of cybersecurity helps hold companies and the government accountable while protecting our information from digital threats. The establishment of a National Cyber Security Agency (NCSA) to safeguard the country from digital threats, locally and internationally.

“The National Cyber Security Agency will function as an oversight agency that supports and secures the operations of government and government owned companies. The NCSA’s mission will be to secure St. Maarten’s cyber security interests by ensuring increased cyber readiness, advanced incident response strategies, enforcement of modern standards, cyber security capacity that enhances our economic security to contribute to the improvement of our quality of life. St. Maarten must prepare itself to exist in a world where more and more services are moving online. Our neighbors to the north of the island are taking steps to improve their cyber security readiness. Cyber security must become a priority in St. Maarten’s national security, too”, said Marvio Cooks.

Cyber security breaches have an estimated yearly cost of USD $4.5 million with companies like Boeing recently having over forty-five Gigabytes of company data shared to the dark web because of not paying a ransomware attack (45GB). Cyber-attacks are becoming more prevalent globally. Cyber-attacks increased by approximately 38% in 2022 with a steady rise in attacks varying from malware, internet of things, and ransomware attacks. The Party For Progress plans to establish the National Cyber Security Agency (NCSA) to safeguard St. Maarten from the attacks that crippled GEBE and the government in the past.

“Protecting our personal information from data breaches is a matter of national security. The data breaches that affected our government and government owned company, NV GEBE, ultimately occurred due to negligence. The rise in cyberattacks in the Caribbean region are a sign that we can no longer afford to remain out of compliance with security standards. We cannot continue to overlook the fact that our increasing dependency and use of internet-based services raises our susceptibility to cyber-attacks. We must learn from our regional neighbors that have been previously attacked and create a preventative plan of action.” said Marvio Cooks