BETWEEN March 2022 and November 2023, the Telecommunications Services of Trinidad and Tobago’s Expenditure Committee approved a total of $24 million to fortify the organisation against cybersecurity threats, official documents obtained by the Sunday Express have shown.
The $24 million represented the total amount requested by TSTT’s Networks and IT department over the time-frame.
Over the period, the Networks and IT department submitted around 40 requests for funding dedicated to enhancing cybersecurity.
All were approved.
“From March 2022 to November 2023, the Expenditure Committee consistently approved every single cybersecurity expenditure request, amounting to $24 million,” one of the documents stated.
This, however, did not prevent TSTT from becoming the victim of hackers on October 9 last year.
On March 13 last year, TSTT was also the target of a malware “incursion” when its systems detected a security attack directed at a number of the company’s internal-only solutions/applications, Public Utilities Minister Marvin Gonzales disclosed in Parliament last year.
The Expenditure Committee was established in October 2020 to manage the spending of the majority state-owned telecommunications provider.
Interestingly, the approved funds exceeded the actual amount spent by the Network & IT team, suggesting a discrepancy between what was requested and what was utilised.
The document further noted that the Expenditure Committee was unaware of any unapproved expenditures and raised an alarm over alleged machinations by personnel who might be fabricating claims of unapproved spending to mask failures.
The documents contradict earlier claims made by the Communications Workers’ Union, which accused TSTT’s former chief financial officer Shiva Ramnarine of neglecting crucial cybersecurity funding.
Additionally, a memo on the Nelson Exchange shutdown—a major network failure—reveals that all maintenance expenditure requests related to the Nelson Exchange were promptly approved over the past three years.
According to the memo, TSTT’s Maintenance Expenditure Committee approved $3.2 million for the Nelson Exchange from over 50 requests.
The Maintenance Expenditure Committee was established in October 2020 and comprised the CFO serving as chairman, the General Manager Networks and IT, the Financial Controller, the Senior Manager of Service Delivery and Assurance and the Chief Procurement Officer among others.
In the report, the Maintenance Expenditure Committee called for more substantial evidence regarding any claims of spending obstructions and highlighted the need to address TSTT’s over-reliance on vendors.
The memo also stated that the situation seemed to lead to either an undue dependency on vendors for decision-making or negligence on the part of internal Network and IT resources.
In addition to the confidential documents, the Sunday Express acquired a recording where a senior manager in Networks and IT Security was questioned about the claims circulating that cybersecurity costs were denied approval.
According to the recording, initially the Network and IT department asked for $26 million, but following a discussion with Ernst and Young, that amount was amended to $24 million, and subsequently approved.
The senior manager in the Networks and IT department confirmed that everything requested was approved.
She said spending was done on capital and operations expenditure and included spending on security awareness training, cyber risk, and cyber back-up upgrades among other things.
When Ramnarine was contacted, he declined to comment and instead requested that all questions be directed to his attorneys.
When contacted, Ramnarine’s legal team headed by Jagdeo Singh indicated that his client was very content with his departure from TSTT, as TSTT had honoured all contractual obligations to him.
Singh also expressed no surprise at what he said he considers the emergence of “accurate information which is wholly and entirely supportive of his client’s performance in the best interest of TSTT”.
He also said that this information undermines the “baseless and malicious claims perpetrated by persons and/or entities whose interests collide with that of TSTT and Mr Ramnarine.”
Singh further stated that the information raises the following pertinent matters:
1. Are the TSTT management team and board fully aware of the individual mentioned in the voice recording and other staff members accused of spreading misleading information to the union and a specific media outlet?
2. The claim of non-approval of expenditures ought to be supported by documentary evidence. This is a simple process which merely requires the request to be matched against the approvals. Both the request and the approvals must exist in easily retrievable documentary form.
3. A proper investigation will reveal that not only were funds requested for cybersecurity promptly approved, but those approved funds were underutilised by the division of the company they were approved for. This exercise is also a simple one. Documents exist which show approved funds, the purpose of the approval, utilised funds and the purpose of the utilisation. In those circumstances the claim of underutilised funds is easily refutable.
Additionally, when former CEO Lisa Agard was approached by the Sunday Express regarding whether she knew that all cybersecurity requests and maintenance expenditure requests for Nelson Exchange were approved, she confirmed that this was true.
She also acknowledged being fully aware of what she described as “the circulating false narrative”.
Ramnarine’s contract as TSTT’s CFO was terminated with immediate effect on January 5.
“TSTT can confirm the departure of its former chief financial officer Mr Shiva Ramnarine. We, however, categorically deny that his departure was in any way related to the cyberattack. Mr Ramnarine served the company well during his tenure and we wish him well in his future endeavours,” the organisation’s chairman Sean Roach told the Express last week.
Ramnarine had previously initiated legal action against the Communications Workers’ Union, which claimed his decision not to fund cybersecurity was responsible for the cyberattack.
His attorneys, last week, wrote to CNC3 News regarding what they claimed was the news outlet’s “erroneous and misleading” reporting on their client’s dismissal.