Mass uptick in reported cyber incidents
CEO of tTech Limited Norman Chen (left) speaks with journalists during a Jamaica Observer Business Forum held on October 11, 2023 at the media house's Beechwood Ave address in St Andrew. Also pictured are (from second left) JaCIRT head Lieutenant Colonel Godphey Sterling and David Grey, deputy information commissioner. (Photos: Naphtali Junior)

Significantly driven by the evolution of new technologies such as artificial intelligence (AI), machine learning (ML) and quantum computing, stakeholders have indicated that they are now witnessing a more than 200 per cent increase in the number of locally reported cybersecurity breaches annually.

Speaking at a recent Jamaica Observer Business Forum head of the Jamaica Cyber Incident Response Team (JaCIRT), Lieutenant Colonel Godphey Sterling said that while a number of measures are being implemented constantly, cases continue to remain on the rise even as those reported often fall significantly below those that are not. In recent months entities including Derrimon Trading, Mayberry Investments and the Financial Services Commission (FSC) are among some of the most prominent to have reported breaches on their networks locally.

JaCIRT, established in 2015 and operates out of the Office of the Prime Minister, is an entity mandated by Government to address matters related to cyber threats and to provide appropriate responses.

"Up to this point, we are now trending at almost 60 per cent above what was reported last year. For the entire 2022 JaCIRT through its website saw over 80 cases of reported incidents coming from our report and incidents tab and for the first six months of this year, the numbers were trending at 176 reports. Up to yesterday, one IP address in pushing the avalanche malware, pushed some 126 connections per hour. When we look at walk-ins plus calls, these amount to an almost 200 per cent increase in reported activities of breach," he told journalists during the forum held last Wednesday.

Ryan Meeks, manager of development, security and operations and applications at Symptai Consulting, urged companies in the wake of growing cyberattacks to carefully assess their cybersecurity posture and to strengthen systems accordingly.

During first half of 2022 it was reported that the Caribbean experienced about 144 million cyberattacks, 44 of which took place every second of every day with ransomware being the most common breach and incurring billions in losses for companies that have had to shut down systems for a while or even go offline for days. According to findings contained in an IBM 2021 report, the average global cost of a data breach in that year also climbed to over US$4 million per company — 10 per cent above the prior year. Guyana, which had the most cyberattacks with 71 million, was followed by Suriname at 16 million, Barbados, 13 million and Jamaica at fourth with 12 million attempts.

"When we look at breached data that is available on the deep and dark web, it correlates with the level of vulnerability we are seeing but it far outstrips what is reported. This means a lot more persons are being hit [attacked] and successfully, way more than that being reported…and that has to be something that is treated with. As it is, too many companies are all about the bottom line and not the security of their digital assets, additionally too many are also successfully exploited and don't even know," Sterling said. He added that measures such as the ramping up of public awareness and training among the steps being taken by his office, working in partnership with other stakeholders currently, especially since October which is being observed as National cybersecurity Awareness Month.

Confirming the rise in incidents, cybersecurity experts Ryan Meeks, manager in charge of development, security and operations and applications at Symptai Consulting, and Norman Chen, CEO of managed IT services provider tTech Limited, both said that their entities, without even having to look at internal numbers have, in recent times also seen noticeable increases in the request for cyber-proofing solutions from companies and individuals.

"From our side, aside from standard recommendations which require the undertaking of annual penetration and other system tests, we continue to urge our clients and by extension, all companies to be more proactive and not just reactive. Likewise we continue to encourage them to look at their cybersecurity posture and to harden systems accordingly prior to any attack," Meeks said.

Chen, in recommending a multi-layer security approach, further said that with the rise of digital societies, the sole reliance on traditional anti-virus solutions should be a practice of the past, especially given the legislations to come with the Data Protection Act scheduled to take effect December 1, 2023.

"We now operate in an era where companies need to engage the full gamut of security, as the question is not whether a company will come under attack but more so when, and in the event an incident does occur, a successful emergence will be determined by how they respond to it," he stated.

With an influx of overseas ransomeware gangs continuing to prey on local organisations, JaCIRT said it has also been collaborating with both public and private sector partners to build up a strong response team, resilient systems and an even more alert citizenry.

"We partner with a slew of entities, the closest to home which is CSIRT of the Americas — a conglomeration of 23 countries, 41 CIRTS and 231 dedicated service training professionals. In Jamaica we also have a growing cybersecurity sector comprising a number of local players and we likewise have memorandum of understandings (MOU) with countries as far away as the Middle East, so we do have that level of support and expertise," Sterling stated.

BY KELLARAY MILES Business reporter

Now you can read the Jamaica Observer ePaper anytime, anywhere. The Jamaica Observer ePaper is available to you at home or at work, and is the same edition as the printed copy available at


  1. We welcome reader comments on the top stories of the day. Some comments may be republished on the website or in the newspaper; email addresses will not be published.
  2. Please understand that comments are moderated and it is not always possible to publish all that have been submitted. We will, however, try to publish comments that are representative of all received.
  3. We ask that comments are civil and free of libellous or hateful material. Also please stick to the topic under discussion.
  4. Please do not write in block capitals since this makes your comment hard to read.
  5. Please don't use the comments to advertise. However, our advertising department can be more than accommodating if emailed:
  6. If readers wish to report offensive comments, suggest a correction or share a story then please email:
  7. Lastly, read our Terms and Conditions and Privacy Policy

Which long-term investment option is more attractive to you at the moment?