By Chris Patterson
KINGSTON, Jamaica, (JIS) – Director, Cyber and Information Security, Symptai Consulting Limited, Rory Ebanks, has highlighted the importance of organisations investing in and implementing safeguards to minimise the threats and impact of cyberattacks. Addressing the ministry of national security CyberSMART Conference at the AC by Marriott Hotel in St. Andrew on February 12, Ebanks urged companies to make the necessary investments in cybersecurity.
“When you think about the budget and the expense that’s going to be associated with cybersecurity, think about what if you don’t implement cybersecurity in your organisation. The average cost of a ransomware attack is about US$4.8 million; that’s the cost of a data breach. If you want to invest a small fraction of that to harden your infrastructure, why wouldn’t you do it?,” he urged stakeholders not to wait until after their data have been compromised before they implement measures to try to recover and protect their data.
“Why is it that you have to be reactive instead of being proactive. I’m pretty sure this happens right around the world. After a breach, everybody finds the money; they find the budget – somehow the money miraculously appears; now they can invest, they can buy all of the latest solutions, tools, infrastructure, they can do training, but if you were proactive, you’d only have to spend a fraction of that. So, I prefer to be proactive when it comes to cybersecurity,” Ebanks said. Organisations can take a phase-by-phase approach to implementing cybersecurity control.
“Implementing cybersecurity control does not have to be expensive. You can start by training. There are free training courses out there. You can have training modules for literally a dollar per user per month. If you as an organisation can’t spend a dollar on a user to educate them, then that’s a big risk right there. You’d rather spend US$100,000 to try to recover after a breach?” he questioned.
“So that’s how you need to look on the budget. Weigh up the cost of a data breach versus you being proactive and taking the approach of implementing different layers of protection, understanding your landscape and ruling out cybersecurity in that aspect instead of being very reactive,” Ebanks added, that outside of the money, there are many other implications, your reputational damage, and customers may not want to do business with you after a breach.
Ebanks said investments in cybersecurity programmes can also assist companies to identify the breach as soon as possible.
“It doesn’t mean that yes, you invest money in your cybersecurity programme and you’ll never get breached, but you have to have controls and procedures in place… a lot of organisations have invested money and still have gotten breached, but you still have to have plans and controls in place; if you do get breached, you need to be able to identify it as soon as possible,” he added.
The post Jamaican organisations urged to invest in cybersecurity appeared first on Caribbean News Global.
