NIDS will be held to high cybersecurity standards – director
Programme director for the National Identification System (NIDS), Warren Vernon, sought to assure Jamaicans on Tuesday that the identification platform, when implemented, would be buttressed by a strong cybersecurity framework.
Addressing a joint select committee reviewing the proposed legislation in Gordon House, Vernon said that NIDS would be compliant with National Institute of Standards and Technology (NIST) cybersecurity benchmarks.
The NIST cybersecurity framework is a set of best practices, standards, and recommendations that help an organisation improve cybersecurity measures.
NIDS would also embrace the standards and processes associated with the Cybersecurity Maturity Model Certification, which is used by the United States Department of Defence.
“The security profile of NIDS is completely different from other systems based on the people who are involved and the processes that we are following,” Vernon added.
The NIDS director said that from the beginning of the project, a security and technical group comprising 16 “competent people” in the government service was recruited. He said several international cybersecurity experts were also part of the project.
“I am happy for the conversation that is taking place in the public domain because we really need to have a national campaign to build awareness about cybersecurity for everybody,” he said.
In recent times, there has been intense national debate on the issue of securing the private data of individuals following at least three reported security lapses on the JamCOVID travel and medical data website.
Vernon told committee members that the country should be engaged in discussions about cyber-resilience and how Jamaica could protect its national assets from attacks.
Committee Chairman Delroy Chuck said that lawmakers would go in camera when dealing with data protection and security.
He acknowledged that members of the public have been expressing concern about the security of private data in the Government’s possession.
According to Chuck, the NIDS Secretariat would have to convince the committee, with the assistance of the Major Organised Crime and Anti-Corruption Agency, that enough would be done to preserve privacy.
“The committee is also concerned and, therefore, the committee will seek further deliberations in camera to ensure that it is happy that enough safeguards will be put in place to protect data that is collected,” Chuck said.