TUESDAY EVENING’S public lecture on Jamaica’s critical cybersecurity framework was an eye opener for those of us who are not on the frontlines of the ongoing cat-and-mouse game between cybercriminals and law-enforcement agencies. For those who are, however, the event, hosted jointly by the Major Organised Crime and Anti-Corruption Agency (MOCA) and the Mona School of Business and Management (MSBM), was just a timely reminder, not that we needed one, that Jamaica’s fight against cybercrime demands more than just technology and technologists.
In this increasingly digital world, the battle to keep the digital economy thriving requires strong, strategic partnerships between law enforcement, academia, and the private sector. Tuesday’s main presenter, MOCA’s international cybercrime consultant, Mark Burgess, underscored the need for collaboration to tackle cyber threats from every angle – operational, tactical, and strategic. He proposed a key concept built around the problem analysis triangle, showing how partnerships can dismantle the conditions that cybercriminals exploit. He also highlighted how real-time information sharing, resilience planning, and cross-sector training fortify our defences, using case studies like MOCA’s success in several high-profile arrests. Ultimately, Mr Burgess’ message was clear: in the face of relentless cyber threats, Jamaica’s digital resilience hinges on teamwork and shared innovation.
Where I’d like to push the conversation, however, is against the backdrop of the old adage of ‘an ounce of prevention is worth a pound of cure’. Prevention, be it firewalls, encryption, or employee training and awareness, is still a critical first line of defence in our increasingly digital economy. But, as any seasoned law-enforcement professional will tell you, no matter how many layers of defence we stack on top of each other, cyber threats simply evolve too fast to guarantee perfect protection.
Which is why, when it comes to cybersecurity, Jamaica must also look beyond prevention and focus on building resilience and recovery strategies. After all, it’s not just about preventing or stopping attacks, but also about bouncing back when one inevitably slips through the cracks.
This shift in focus, from pure prevention to resilience, calls on the same strong foundation of strategic partnerships between law enforcement, academia, and the private sector. This ‘holy trinity’ will allow us to respond swiftly, mitigate damage, and recover with minimal disruption when incidents occur. Building this ‘bounce-back’ ability isn’t just an ideal, it’s a necessity in today’s digital landscape where the question isn’t if an attack will occur, but rather when.
Imagine, for instance, a scenario where one of our local banks experiences a sophisticated ransomware attack, despite having invested heavily in its digital transformation. Systems are locked, websites have been hacked, customers can’t access their accounts, and sensitive data is compromised. In such cases, prevention methods may have slowed down the attackers, but once they’re in, the damage is immediate.
Eventually, the attack will be halted and the disruption disrupted. The key question now is, how quickly can the bank recover? This is where cyber resilience come in. In a nutshell, this is the ability to continue operations during and after an attack, in order to reduce financial loss and operational downtime, and recover trust faster.
The cornerstone of any resilience strategy, therefore, is a comprehensive recovery plan. In the aftermath of an attack, there’s no time to ‘figure it out’ as you go. Decisions need to be made instantly, communication needs to be swift, and every team member needs to know their role. In such events, a well-crafted crisis-recovery plan is an essential emergency manual, and one that should be tested, updated, and, most importantly, actionable.
That plan should include incident-response protocols that outline, step by step, procedures to follow the moment an attack is detected. Those protocols should cover everything from isolating affected systems to containing the threat and notifying relevant stakeholders via a comprehensive communications plan. In emergency situations, especially in critical areas such as banking and healthcare, transparency is key to maintaining public trust. That communication plan and its included protocols must therefore inform employees, partners, and customers without causing unnecessary panic.
When organisations build and test these recovery plans, they’re better positioned to keep critical operations running and quickly move past a cyberattack. And as the old saying goes, practice makes perfect, so a recovery plan shouldn’t be in a dusty binder on a shelf waiting for something to happen. It should be a living, breathing component of an organisation’s overall strategy, updated, tested and rehearsed regularly to reflect new risks.
But resilience isn’t achieved in isolation. If a company, no matter how large, attempts to handle all aspects of cyber resilience alone, it’s fighting an uphill battle. Which brings us back to the central theme of strategic partnerships and cooperation. A bank’s in-house team, for example, might be able to handle day-to-day IT security, but in the event of a major breach, they need law enforcement’s expertise to investigate, trace, and ultimately pursue the cybercriminals. Agencies like MOCA bring this expertise to the table, and partnering with them allows organisations to manage incidents effectively, rather than scramble for resources when it’s already too late.
At the same time, academia plays a crucial role in providing the theoretical and practical tools needed to build a culture of resilience. By collaborating with local universities, organisations can tap into the latest research on cybersecurity trends, benefit from innovative tools developed in academic labs, and even train the next generation of cyber professionals. Through internships and hands-on research projects, academia becomes an incubator for the cybersecurity skills Jamaica needs.
Look, resilience isn’t static; it’s flexible. Threats change, and recovery protocols must adapt accordingly. Today’s ransomware attack might require different tactics than last year’s phishing scam. Once this adaptability is built into our recovery protocols, we should be better able to identify gaps, refine our processes and build trust. This last bit is crucial, because when customers, investors, and partners know that an organisation has robust recovery protocols, they’re more likely to stick with that brand, even in the wake of an attack. Conversely, a poor recovery response can damage reputation and drive away customers faster than the initial attack itself. In the end, it’s not just about preventing the worst – it’s about being ready to rise above it. And if we do this right, we won’t just survive in the digital economy; we’ll possibly thrive in it.
Major Basil Jarrett is a communications strategist and CEO of Artemis Consulting, a communications consulting firm specialising in crisis communications and reputation management. Visit him at www.thecrisismajor.com [2]. Send feedback to columns@gleanerjm.com [3].