Businesses: Take Cybersecurity Seriously!

    JN Group

    144 million Cyber-attacks in Caribbean First Half of 2022

    “Forty-four cyberattacks are launched every second of every day.”

    These were the sobering global statistics that Dwayne Brown, Executive, Cybersecurity at The Jamaica National Group, shared with local business leaders recently, as he urged them to take cybersecurity more seriously.

    Mr Brown informed that over the past three years there has been an exponential increase in global cyber-attacks costing companies, including those in Jamaica and the Caribbean, billions of dollars in losses.

    The JN Group executive was addressing the Institute of Chartered Accountants of Jamaica (ICAJ) annual business conference on the topic of ‘Digitization and the Business of Cybersecurity.’

    He informed that Check Point Research (CPR), a multinational technology company, reported that from mid-2020 throughout 2021, there was an upward trend in the number of cyber-attacks globally. This trend reached an all-time high at the end of 2021, peaking to 925 cyber-attacks a week per organisation, globally. Overall, in 2021, researchers saw 50 per cent more attacks per week on corporate networks compared to 2020.

    Further, an IBM 2021 report noted that the average global cost of a data breach climbed to over US$4 million per company. That’s a 10 per cent increase compared to US$3.92 million in 2019, due to “drastic operational shifts” caused by the COVID-19 pandemic. The figure stood at US$3.86 million in 2020.

    Mr Brown said to understand how crucial it is to prevent cyber-attacks, “consider the average time required to identify and contain each type of compromise.”

    He noted that it takes a staggering 327 days to identify and contain a compromise through stolen credentials. The number drops to 295 days for phishing and 244 days for a cloud security breaches.

    Emphasising that these are ‘average’ duration, Mr Brown said the common saying, ‘time is money’ becomes truer in an evolving cyber threat landscape.

    “I must admit that we live in a society where there is a culture of reacting after the fact, but I warn that this is not the approach businesses want to take when it comes to cybersecurity. Not investing in cybersecurity could be your organisation’s most expensive mistake and could even result in its ultimate ruin,” he warned.

    Ryan Meeks, Manager, Development Security and Operations at Symptai Consulting, who also presented at the seminar, further informed that the Caribbean experienced 144 million cyber-attack attempts in the first six months of 2022, with ransomware being the most common breach.

    The data showed that Guyana had the most cyber-attacks at 71 million, while Suriname saw 16 million, Barbados was third with 13 million attempts, and Jamaica, fourth with 12 million cyber-attack attempts.

    Mr Meeks said companies in Latin America and the Caribbean paid out approximately US$124 million in the first half of 2022 in ransomware attacks.

    He noted that cyber breaches not only cost companies millions of dollars in losses, but can also impact their reputation and their relationship with stakeholders. “If for instance a company is hacked, and they don’t handle it correctly, it can ruin their reputation. Your brand can be destroyed, so something that took years to build can be destroyed in just a second. Do you really want to take that risk?

    Mr Meeks said a lack of investment in effective cybersecurity can also impact the country’s prospects for economic prosperity and foreign investments.

    “If outsiders see where the country is not finding a framework that will better deal with cyber-attacks, people are not going to want to invest in the country or invest in our businesses. They’re going to say it’s too risky.”

    He urged businesses to conduct regular security reviews to ensure that they have the right systems in place to withstand future cyber breaches.

    Mr Meeks advised that, on average, companies should be spending at least three to six per cent of their IT budget on cybersecurity. “If you add in compliance spending as part of security, that’s another three to six per cent of the IT budget. If you include business continuity spending, that’s another two per cent, bringing it to 10 to 14 per cent of the total IT budget,” he outlined.

    Was this article helpful?