Jamaica:	  Vic)m	  or	  perpetrator	  of	  cyber	  crime	  and	  intrusions?	       INFOSEC	  Execu)ve	  Breakfast	  	    ...
Cyber	  incidents	  not	  widely	  reported	                in	  the	  Caribbean	  A	  few	  possible	  excep.ons:	  •  Ta...
What	  do	  Caribbean	  network	  security	  experts	  think	  about	  cyber	  security	  in	                   the	  regi...
Intrusions	  are	  highly	  prevalent	  in	  the	                    Caribbean	  •  Success	  rate	  of	  aHempts	  unknow...
What	  is	  the	  situa)on	  in	  Jamaica?	  
A	  legal	  &	  enforcement	  framework	  	               exists	  for	  cyber	  crime	  •  Cybercrimes	  Act	  2010	  exi...
CCU	  tackled	  32	  cases	  in	  2011	  
So	  far,	  Jan—May	  2012:	  26	  cases	  
CCU	  data	  doesn’t	  tell	  us	  much	  •  Incidents	  reported	  as	  cyber	  crimes	  are	  done	     according	  to	 ...
How	  can	  we	  stem	  the	  )de?	  
Cyber	  incidents	  can	  be	  	                debilita)ng	  and	  isola)ng	  •  Majority	  of	  organisa.ons	  are	  una...
Internally,	  we	  must	  be	  beUer	            prepared	  and	  equipped	  •  Comprehensively	  examine	  systems,	  net...
We	  must	  also	  be	  prepared	  to	          establish	  trust	  rela)onships	  CERTs/CSIRTs	  are	  urgently	  needed:...
      Thank	  you!	           Michele	  Marius	         Blog:	  	  ict-­‐pulse.com	  FB:	  facebook.com/ICTPulse	         ...
Image	  credits	  •      Stethoscope:	  dreams	  designs	  /	  FreeDigitalPhotos.net,	         hHp://www.freedigitalphotos...
Upcoming SlideShare
Loading in …5
×

Jamaica: victim or perpetrator of cyber crime and intrusions (final)

1,849 views
1,740 views

Published on

Presentation given at the Paladion seminar, “Scaling up Security Management for Newer Threats”, on 26 June 2012 in Kingston, Jamaica

Published in: Technology, Business, Travel
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
1,849
On SlideShare
0
From Embeds
0
Number of Embeds
305
Actions
Shares
0
Downloads
9
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Jamaica: victim or perpetrator of cyber crime and intrusions (final)

  1. 1. Jamaica:  Vic)m  or  perpetrator  of  cyber  crime  and  intrusions?   INFOSEC  Execu)ve  Breakfast     Kingston,  Jamaica    Ÿ    26  June  2012  
  2. 2. Cyber  incidents  not  widely  reported   in  the  Caribbean  A  few  possible  excep.ons:  •  Tax  Administra.on  of  Jamaica  –  June  2012  •  Hacking  of  Trinidad  &  Tobago  Parliament   website  –  April  2012  •  Hacking  of  Trinidad  &  Tobago  Ministry  of   Finance  website  –  March  2012  •  DDoS  aHack  LIME  Barbados  network  –  March   2012  
  3. 3. What  do  Caribbean  network  security  experts  think  about  cyber  security  in   the  region?  
  4. 4. Intrusions  are  highly  prevalent  in  the   Caribbean  •  Success  rate  of  aHempts  unknown  •  Top  sources  for  threats  –  Russia,  China,  HK  •  Organisa.ons  have  a  narrow  view  of  security  •  Caribbean  has  not  commiHed  the  necessary   resources  or  effort  to  strengthen  frameworks  •  In  addi.on  to  threats  in-­‐country,  Caribbean   countries  can  be  used  as  jump-­‐off  points  for   aHacks  in  other  countries  
  5. 5. What  is  the  situa)on  in  Jamaica?  
  6. 6. A  legal  &  enforcement  framework     exists  for  cyber  crime  •  Cybercrimes  Act  2010  exists  along  with  a   Cybercrime  Unit  (CCU)  •  CCU  can  only  enforce  with  coopera.on  of   vic.ms  and  other  affected  interests  •  Unit  has  its  hand  full  tackling  local  crimes  plus   loHo/telemarke.ng  scams  targeted  at  the  US  •  LoHo  scams  are  affec.ng  country’s  reputa.on   –  “Beware  876”  campaign  
  7. 7. CCU  tackled  32  cases  in  2011  
  8. 8. So  far,  Jan—May  2012:  26  cases  
  9. 9. CCU  data  doesn’t  tell  us  much  •  Incidents  reported  as  cyber  crimes  are  done   according  to  Cybercrimes  Act  •  CCU’s  main  goal  is  prosecu.on  •  Focus  likely  to  be  incidents  origina.ng  in   Jamaica  •  LiHle  or  possibly  no  framework  for  incidents   affec.ng  Jamaicans  but  origina.ng  elsewhere  •  Cases  reported  to  CCU  only  a  drop  in  the   bucket    
  10. 10. How  can  we  stem  the  )de?  
  11. 11. Cyber  incidents  can  be     debilita)ng  and  isola)ng  •  Majority  of  organisa.ons  are  unaware  that   they  have  been  compromised  •  Incidents  cost  organisa.ons  $MM  –  .me,   revenues,  produc.vity,  remedia.on  •  Many  organisa.ons  could  be  having  iden.cal   experiences  –  unbeknownst  to  the  other  •  Oaen  limited  insight  into  scope  of  incidents  -­‐     frequency,  characteris.cs,  paHerns,  possible   solu.ons,  etc.  
  12. 12. Internally,  we  must  be  beUer   prepared  and  equipped  •  Comprehensively  examine  systems,  networks,   equipment  •  Strategically  establish  priori.es  &   con.ngencies  •  Invest  in  the  con.nual  maintenance  and   update  of  defences  •  Exercise  even  greater  vigilance    •  Support  staff  training  and  capacity  building  
  13. 13. We  must  also  be  prepared  to   establish  trust  rela)onships  CERTs/CSIRTs  are  urgently  needed:  •  Provide  expert  informa.on  and  support  •  Supplement  internal  security  plans/structures    •  Increase  awareness  of  incidents  -­‐  frequency,   characteris.cs,  commonali.es,  possible   solu.ons,  etc.  •  Ensure  that  appropriate  industry  standards   and  prac.ces  are  established  
  14. 14.   Thank  you!   Michele  Marius   Blog:    ict-­‐pulse.com  FB:  facebook.com/ICTPulse   TwiHer:  @ictpulse  
  15. 15. Image  credits  •  Stethoscope:  dreams  designs  /  FreeDigitalPhotos.net,   hHp://www.freedigitalphotos.net/images/view_photog.php?photogid=1449  •  Binocular  image:  Ntwowe  /  FreeDigitalPhotos.net,   hHp://www.freedigitalphotos.net/images/view_photog.php?photogid=2043    •  Hermosa  Wave  image:  watch4u  /  flickr,  hHp://www.flickr.com/photos/look4u/    

×