Huawei reps recommend cybersecurity strategies
The deputy chief cybersecurity and data protection officer for Huawei Central America & the Caribbean Gabriel Núñez is recommending that companies take a more proactive approach to cybersecurity through proper preparation for cyberattacks, end user education, and employing the confidentiality, integrity and availability (CIA) triad.
Speaking to a panel of reporters at the Huawei Jamaica office in St Andrew, Thursday, Gabriel Núñez said a majority of cyberattacks take place because of the negligence of end users who become victims. As such, he advocates that both businesses and the Government invest and engage in the training of end users.
“About 80 per cent, depending on the source you find, or 75 per cent of the attacks happen because this person [the victim] is the weak point,” he shared, adding that, “Most of the attacks come because of [lack of] education, like training…Actually for old people, it’s even worse.”
This, he explained, was due to a strategy used by hackers and other cyber criminals called social engineering in which they play on the emotions of or use other persuasive means to extract information from victims.
Over the last decade, cybersecurity has emerged as a major threat to businesses as more people across the world use computers and other digital devices such as tablets and cellphones to access services on the worldwide web. Just last year, Jamaica experienced 43 million cyberattacks, according to data from FortiGuard Labs, Fortinet’s threat intelligence and analysis laboratory.
“Fewer attacks are designed for specific targets, making them more sophisticated and more likely to succeed if organisations do not have integrated, automated, and up-to-date cybersecurity defences,” Fortinet disclosed.
The report further noted that ransomware continued to have significant activity in 2023.
“While detections may have decreased in volume, this trend supports what FortiGuard Labs has seen in recent years: ransomware and other attacks are becoming increasingly specific and targeted, thanks to the growing sophistication in attackers’ tactics, techniques, and procedures, and their desire to increase ROI per attack. This phenomenon underscores the importance of remaining vigilant and strengthening defences against potential targeted attacks,” the FortiGuard Labs report said.
Since cyberattacks have become more sophisticated and dynamic, Nunez emphasised the need for a “multiple factorial authentication” protocols be in place to maintain the integrity of a company’s cybersecurity systems and that users are properly validated to access information. Multiple factorial authentication is a measure employed by a company to request a number of verification tools to identify an end user, such as password, secret questions, biometrics and smart cards.
Still, Nunez pointed out that rather than being concerned with the number of cyberattacks that were launched against Jamaicans, the authorities should be more concerned about how many were successful.
He added: “It is not only what happens in the attacks; it’s how do we solve the problem, how do we govern from the problem and how do we learn from it. It doesn’t stop here.”
Nunez conceded, too, that cybersecurity requires collaboration between internet service providers, end users and website owners.
A manufacturer of modems and a supplier to local telecommunications outfit Digicel, Huawei is one of the largest players in the global cybersecurity industry with its operations touching 170 countries.
Courtney Hamilton, director of Enterprise Business Group, was, however, quick to point that here in Jamaica, “Our purview has to do with the equipment we sell.”
He further advised that businesses should have a cybersecurity consulting firm with which they can engage for guidance in cases of cyber attacks. His colleague, Nunez, also recommended that businesses contact the Jamaica Cyber Incident Response Team as well.
But since most cyberattacks originate with the end users, Hamilton said, “you as the customer, whether it’s your business or your home, you have some responsibility to make sure that you put in all the safeguards to ensure they you can’t become a victim.”
Nunez also recommends that businesses use the CIA triad.
According to Fortinet, “The confidentiality, integrity, and availability of information is crucial to the operation of a business, and the CIA triad segments these three ideas into separate focal points. This differentiation is helpful because it helps guide security teams as they pinpoint the different ways in which they can address each concern.”