https://i0.wp.com/demerarawaves.com/wp-content/uploads/2024/03/UG-2024-5.png!

Guyana on “evolving” tier of Global Cybersecurity Index

Last Updated on Friday, 1 November 2024, 18:47 by Writer

Even as the National Data Management Authority (NDMA) continues to train people across Guyana to strengthen cybersecurity in the public sector, the International Telecommunications Union (ITU) this year ranked the country as evolving (Tier 4) on its 2024 Global Cybersecurity Index (GCI).

In all, 11 Caribbean Community (CARICOM) member states are evolving, with a score range of 20–55. The ITU explains that Tier 4 represents countries that obtained an overall score of at least 20/100 by demonstrating a basic cybersecurity commitment to government-driven actions that encompass evaluating, establishing or implementing certain generally accepted cybersecurity measures in at least one pillar, or several indicators and/or sub-indicators.

The ITU says out of a maximum score of 20, Guyana’s Country Score shows that the country’s lone area of relative strength is legal measures with a score of 16.52. The others are areas of potential growth: technical measures 7.96, Organisation measures, 5.88; capacity development, 8.35, and cooperation measures 8.52

In observance of Cybersecurity Awareness Month, the NDMA hosted its annual cybersecurity training sessions for public sector employees at the Arthur Chung Conference Centre. Focused on building cybersecurity awareness and equipping participants with essential skills to protect government networks, these sessions brought together IT officers and other public servants from various departments and ministries, fostering collaboration to strengthen cybersecurity resilience across the government’s information and communication technology (ICT) infrastructure.

With cyber threats growing increasingly sophisticated, the NDMA organized these training sessions to elevate the government’s security posture and cultivate a culture of cybersecurity. Public sector participants engaged in expert-led presentations, interactive workshops, and in-depth discussions, exploring topics from cyber threat detection and prevention to risk assessment methodologies. These sessions provided practical guidance and insights into the latest policies, strategies, and tools essential for defending government’s critical digital assets.

The training initiative featured two sessions which targeted two groups of public sector workers. Session one, aimed at IT officers, focused on cyber risk and their potential impact with a charge to adopt a risk-based approach to cybersecurity. Participants were exposed to various cybersecurity controls, their implementation, and risk mitigation strategies. The second session focused on public sector workers in various departments and ministries equipping them with basic cyber hygiene and cybersecurity best practices.

Deputy General Manager of Operations, Orson Smith, emphasized the critical role of IT officers and public servants in safeguarding government data. “Cybersecurity is not just an IT issue; it is a fundamental aspect of national security and public trust. By strengthening our cybersecurity capabilities, we can safeguard our national security, protect our economy, and ensure the well-being of our citizens,” said Mr. Smith in an NDMA statement. He highlighted the increasing complexity of cyber threats and the need for continuous vigilance and proactive measures, underscoring that cybersecurity is a collective responsibility that transcends individual departments.

Mr. Smith also outlined the training agenda, which included an in-depth look at risk assessment methodologies, specifically using controls developed by the Centre for Internet Security (CIS). This segment aimed to equip participants with effective tools for assessing and managing cyber risks within their departments. “Your dedication and commitment to cybersecurity are vital in ensuring the safety and security of our digital assets. Let us use this training as an opportunity to strengthen our defences and enhance our capabilities,” he urged.

NDMA’s Cybersecurity Director, Muriana McPherson, provided insight into the ever-evolving cyber risks threatening Guyana’s digital infrastructure. She explained how breaches to government networks and essential services could have serious implications for national security. “When our critical systems are affected, the ripple effects can be devastating, not just for individual organizations but for the nation as a whole,” she stated. Her presentation underscored the need for a unified approach to cybersecurity, with each public sector employee’s actions directly contributing to the nation’s overall security.

Participants actively engaged in discussions on real-world scenarios, learning about the latest social engineering tactics that adversaries use to breach systems and how to recognize early signs of phishing, ransomware, and other malware attacks.

NDMA remains dedicated to fostering a culture of cybersecurity awareness and collaboration, ensuring that Guyana’s public sector is well-prepared to address the evolving challenges of an increasingly digital world.

These cybersecurity training sessions for public sector employees represent a significant milestone in Guyana’s journey towards a robust cybersecurity framework. By empowering public servants with the knowledge and tools to safeguard government networks, NDMA reaffirms its commitment to protecting the nation’s digital assets and advancing a secure digital future for all Guyanese citizens.

The T4 evolving” countries are The Bahamas, Barbados, Belize, Dominica, Grenada, Haiti. Saint Kitts and Nevis, Saint Lucia, Saint Vincent and the Grenadines, and Suriname.

Those CARICOM member states that are “establishing” (Tier 3) are Jamaica, and Trinidad and Tobago, and the lone country on “Tier 5 Building” is Antigua and Barbuda. This tier represents countries that obtained an overall score of at least 55/100 by demonstrating a basic cybersecurity commitment to government-driven actions that encompass evaluating, establishing or implementing certain generally accepted cybersecurity measures across a moderate number of pillars or indicators.