FLORENCE HALL, Trelawny — The CEO of a Jamaican cybersecurity firm is urging the country to take the lead in establishing, before year-end, a data storage system for the Caribbean, positioning the region to take a unified approach in securing its information.

“We need to look at a Caribbean federated cloud. It’s important that we pilot something like that within the next six months. Jamaica can pilot something like that; Bermuda, Curacao, and Guyana can federate it. The rest of the Caribbean can follow,” urged head of Symptai Consulting Limited Marlon Cooper.

He was speaking, Wednesday, during a panel discussion on the topic ‘Cyber Security and Data Privacy’ during the Organization of Caribbean Utility Regulators (OOCUR) 2026 Conference at Ocean Coral Spring Resort in Trelawny.

“We’re small island states. It makes sense that we have a Caribbean federated cloud. It makes sense that we look at sovereignty in the context of sharing data with each other, outside of jurisdictions that we don’t want to share with; because we’ve always been, as Caribbean people, cooperative,” Cooper insisted.

Another panellist, Eliud Ramocan, head of Cyber Resilience and Threat Intelligence at the Bank of Jamaica (BOJ), also underscored that cyber resilience is a collective effort, not an individual one.

He argued that rather than focusing only on preventing attacks, institutions must accept that breaches will happen and be prepared to maintain critical operations, recover quickly, and emerge stronger.

Ramocan revealed that the BOJ has strengthened sector-wide resilience by nurturing collaboration among financial institutions, including a cyber intelligence-sharing platform and regular meetings at which banks exchange real-time threat information, best practices, and defensive strategies, even as they compete in other areas.

“Cyber security is just one thing that doesn’t make sense to compete on, but to make sure that, together, we are more resilient. Recently, in February, in collaboration with the JaCIRT (Jamaica Cyber Incident Respond Team) under the leadership of Lieutenant Colonel Sterling, we had a cyber drill that allowed us to simulate cyberattacks through very realistic attack vectors that helped the cyber teams or the financial institutions to recognise areas in their incident playbooks to be able to improve so that we have a more efficient coordination of a sector-wide cyber response,” Ramocan said.

He explained that the BOJ is preparing to implement a cyber and artificial intelligence (AI) professional development programme for the financial industry, noting that as transactions occur at nanosecond speeds, digital systems must be tightly governed.

Ramocan stressed the importance of continuously upgrading the skills, certifications, and training of IT and cybersecurity teams, the “plumbers” who maintain these pipelines, especially those with high-level system access, to ensure stronger monitoring, oversight, and effective management of insider threats.

For her part, Naomi Watkins, acting legal officer at the Office of Utilities Regulation, emphasised that despite competition within the sector, the growing challenges of cybersecurity, data privacy, and AI demand collaboration.

“You need to collaborate, and you can do so without compromising your intellectual property [and] your commercial interests, because some things we just have to work together on to get where we are going. We are small nations. We have limited resources. And, yes, I know that sometimes one of the things that happen is that because managers can’t see a set figure — you know, X profit or X reduction in cost when it comes to cyber security — then it’s not such a big deal. But listen, it will be a big deal if there’s a breach that affects your major customers, it damages your reputation, and, of course, if you are sued. We cannot just sit back,” Watkins said.

“We need to collaborate. There are some things that we just have to work together on for the protection of our citizens because, at the end of the day, the consumers are who we are working for,” she stressed.

The discussions also touched on the role AI can play in creating vulnerabilities, with Symptai’s Cooper warning that it has spread globally at unprecedented speed, making it unavoidable for organisations.

He stressed the urgent need for internal guardrails to prevent “shadow AI”, where employees unintentionally expose sensitive data through unsanctioned tools, which could drive the next wave of cyberattacks.

“Three years is how long it’s taken for AI to reach over 50 per cent of the world’s population. It took electricity 100 years. It took cellphones 25 years. Whether you believe AI is useful or not, you must understand that it is here and it is not going anywhere. So from that AI perspective, specifically, it’s very important that you have guardrails in place in your organisations today before you even start thinking about policies,” Cooper said.

“The next frontier of a lot of cyberattacks we’re going to see is from people trying to work smarter because their organisations aren’t governing how they work and how they use technologies like AI. That’s very, very important,” he added.

Cooper also called for stronger telecom regulations in Jamaica, including mandatory 72-hour operational resilience after disasters, clear energy-contingency planning, and stricter infrastructure hardening standards.