The Tribune

By YOURI KEMP

Tribune Business Reporter

ykemp@tribunemedia.net

A local technology provider said the launch of the Computer Incident Response Team (CIRT) would allow the country to follow “global best practice” on cyber security.

Scott MacKenzie, chief executive of Cloud Carib, told Tribune Business that while he has not been invited to any of the CIRT sessions he feels the government moving forward on CIRT development is a “great thing”.

He said: “Setting up a CIRT is very beneficial for every nation state. At the end of the day the initiative is led by the ITU (Information Technology Unit) with the department of digitization and transformation and I think it is an amazing opportunity for the country to follow global best practice to have a cyber incident response team and cyber emergency management response team.”

Mr Mackenzie added: “This is basically programmatically developing what you do as a nation state in the event of a cyber incident.

“Depending on the type of compromise, there’s different things that they’re going to want to do. So if there’s a bad actor still on the system, the police may want to actually go and try to get onto the system and trace the individual that’s compromised the system. If it’s something that’s still continuing, and it’s malicious activity, usually they have to terminate the connection.

“This is where a CIRT programme and structuring it becomes beneficial because now the nation as a whole knows what to do and they can educate the market on what to do. How do you educate the market, how do you communicate to the people what they need to do and keep everybody safe?”

Mr Mackenzie also said: “We have to prepare the next generation to ensure that these programmes are put in place to keep them safe. I think this is a very beneficial thing from a national perspective.

Maintaining that the first steps to any cyber threat must be “programmatic” calling it an “insurance, more like a business continuity programme or a disaster recovery programme. It’s just basically making sure you’re planning for a worst-case scenario when you are hoping for the best.

“That’s one of the things they would be working with the national infrastructure providers, whether that’s the electricity provider, the water provider, the sewerage provider, the telecommunications provider and they would make sure that the national programme is interlinked with those critical infrastructure providers.”

Mr Mackenzie said cyber attacks don’t go in seasons and an attack can happen at anytime.

“There is no miracle cure for protecting yourself. It’s always about layers,” he said.

“The more layers you have, the more protected that you are, I would say COVID-19 has accelerated attacks on critical infrastructure like hospitals, medical clinics and stuff like that. Because bad actors that are using malware and encrypting people’s computers, the more important that data the more people are going to focus on you as an attack.

“I don’t think there’s any magical solution to good security. It’s just a matter of being diligent and just taking personal responsibility to being extra careful around your computer systems.”