A National Cybersecurity Strategy needs to be urgently developed.
This observation was made recently by Permanent Secretary in the Ministry of the Civil Service, Alyson Forte, as he delivered remarks at a recent breakfast symposium hosted by his Ministry and the Data Processing Department, at Courtyard by Marriott Hotel.
Mr. Forte said the Ministry of the Civil Service fully supported the recommendation that such a strategy was needed, which was also made by the European Union-funded consultancy to develop a Government Cybersecurity Assessment and Strategic Road Map.
He added that the cybersecurity strategy and road map was part of a list of initiatives identified in the Barbados Digital Government Strategy, which is expected to be formally launched in early 2018.
He told that gathering of permanent secretaries and officers of related grade: “For citizens and businesses to utilise any information and communications technology services that Government would want to implement to improve its efficiency, we have to be able to assure them of the resilience from internal and external threats. And as such, we want to make sure that when we do so, it is with the best knowledge as to the impact of these threats to our cybersecurity environment.
“The Ministry of the Civil Service is aware that for digital transformation to take place, cybersecurity awareness is a prerequisite, hence the next logical step would be a sustainable cybersecurity awareness and education programme.”
Mr. Forte said he had been informed that one of the deliverables expected out of this consultancy was a cybersecurity awareness handbook, which would be made available to the entire public service. He added that the leaders of the public service would have an input into the handbook.
Consultant Niel Harper underscored the importance of the symposium for the senior public servants, who are expected to support and advocate for improving the overall cybersecurity across Government and its key stakeholder groups.
Mr. Harper stated: “The symposium went very well. The attendance by senior Government leadership was quite reassuring, and their levels of interest and engagement were positively refreshing.”
According to him, developing strong capabilities to effectively respond to cyber threats was of utmost importance. “As Government continues to increase and evolve its e-government offerings, online trust is a critical aspect related to large scale uptake. If individuals don’t trust online services, then they will not use e-government services. Moreover, trust is also important when using e-commerce services to stimulate national/international trade and commerce. For Barbados to fully become an information society, and to benefit from the global Internet economy, online trust must be pervasive across its citizenry,” he contended.
He stressed that cybersecurity should be an area of concern to Government because Information technology had become increasingly embedded into all aspects of national development.
“For one, the integration into physical infrastructure operations, for example, energy, telecoms, financial services, transit and aviation, has increased the risk for wide scale or high-consequence events that could cause harm or disrupt services upon which Barbados’ economy and the daily lives of millions of Barbadians depend.
“Highly sophisticated threat actors and nation-states are actively exploiting vulnerabilities to steal information and money, and are developing capabilities to disrupt, destroy, or threaten the delivery of essential services. In light of the risk and potential consequences of cyber events, strengthening the security and resilience of cyberspace has become an important mission as it relates to public safety, national security and economic development,” Mr. Harper insisted.
The consultancy, which started in August 2017 and ended on January 31, had three stages – Cybersecurity Assessment; Strategic Cybersecurity Road Map; and Delivery of a series of Cybersecurity Awareness Workshops. The first two phases have been completed while the third will be completed shortly.
Funded by the European Union, its aim was to assess the degree to which cyber-related activities were strategically integrated into Government’s overall management activities and resources (people, processes and technologies). It also looked at how these assets were allocated so they could provide the greatest value-add to the Government and other national stakeholders.
Some of the key impact areas are healthcare, energy, transportation, telecommunications, international trade, education, financial services, and the overall digital economy.