‘Cybersecurity Is Critical To Future Prosperity’

“Cybersecurity is critical to our future prosperity and security” as the “evolution of technology has fundamentally changed our security landscape, Minister of National Security Wayne Caines said today.

Speaking during the opening of the Cybersecurity Framework Workshop at BUEI, Minister Caines said, “On behalf of the Government of Bermuda, it is my great pleasure to welcome you today to what will surely be an informative and stimulating event.

“Cybersecurity is critical to our future prosperity and security. The evolution of technology has fundamentally changed our security landscape.

“Today, we rely on interconnected virtual information networks for nearly everything we do in our personal, business, and public service lives. While this undoubtedly benefits our lives in many ways, it also carries risks.

“We are vulnerable to cyberattacks from malicious actors, and today, these actors can be anyone, and they can come from anywhere. Small-time con artists trying to make a few bitcoins or steal personal data can disrupt government institutions.

“What are the threats:

1] Point of Sale Intrusions – implanting some malware on retailers credit card processing system.
2] Web Applications Attacks- gaining access to applications on a company’s server, like phising and spear phising, finding code vulnerabilities;
3] Software Vulnerability or Zero Day Attacks- hole in the software unknown to vendor, hackers install malware on the server before the vendor fixes it. As Microsoft learned, with the Black Energy Malware Vairant;
4] Cyber- Espionage Attacks- the Russians and Chinese- elections and attacks WB;
5] Card Skimmers – device installed on ATM;
6] Misuse of Passwords and Privileges;
7] Wiperware Attacks- desgined to erase data from a PC File-server, hard drives and delete the Master boot record. Simply put wiper malware can wipe away all the data on multiple servers infected at a target company;
8] Distributed Denial of Service [DDos] Attacks- Hackers have used to wreak havoc in US and UK companies is the DDos attack- creating botnets an army of computers, that attack a particular website, these attacks tie up bandwidth and cripple networks for hours and have the company off line for hours if not days. As seen with the Lizard Squad on Christmas Day crippled Sony and Microsoft gaming networks on Christmas Day;
“National Security strategies now even refer to ‘script kiddies’ as possible threats – people, even some children, who are just technically sophisticated enough to wreak havoc with someone else’s programme,” Minister Caines continued.

“It is now difficult to avoid new stories of companies, or municipalities, or countries, suffering damage from cyber incidents. Companies fold or face millions of dollars in fines, while municipalities suffer from power outages, or citizens are denied access to services they need.

“There can be no doubt that cybersecurity is a critically important issue that all Bermudians must take seriously. Indeed, without strong cybersecurity awareness and preparedness, our safety, economic prosperity, and national security is at risk. This includes:

1] Finance
2] Retail
3] Accommodation [hotels and motels
4] Professional Services Firms [law firms and accounting firms]
5] Health Care-
6] Educational Institutions
“It is therefore my view that we – and by “we” I mean those of us in the Government as well as those in the private and third sectors – share a responsibility to ensure that we are well-prepared to identify and manage cybersecurity risks, wherever they are and whenever they appear.

“And we need to be aware and practice cyber safe behaviors at home as well.

“At the organizational level, one of the most effective ways to achieve cybersecurity preparedness is to adopt a cybersecurity framework, and that is to be the focus of our workshop today.

“Some of you may already be aware of the Government’s cybersecurity efforts. Our Cybersecurity Working group, which is comprised of private and public sector ICT and security professionals, is auditing the cybersecurity preparedness landscape of Bermuda.

“We are also working through the Cybersecurity Cabinet Committee, under my chairmanship, to address and attempt to mitigate cybersecurity risks to the Bermuda Government.

“To consistently evaluate and update our cybersecurity measures, we have adopted the National Institute of Standards and Technology’s Cybersecurity Framework. As you will see, the NIST Framework has much to offer, and it is well worth considering as a starting point for achieving cybersecurity preparedness.

“It is important to adopt an internationally-recognised, industry standard framework for the sake of proper cybersecurity planning and proper risk management, rather than to have no framework at all.

“We are a globally recognised jurisdiction in International Finance, Business, Law, we have are considered one of the richest countries in the world. We must now all work to ensure that we have the necessary elements in place to protect and secure our key infrastructure and businesses. You represent that new vanguard.

“Let’s work together ensure we raise and keep the standards of Cybersecurity at the requisite levels.”


Leave a Reply