BRIDGETOWN, Barbados--An appeal has gone out to Barbados and the region to strengthen their cyber security, especially in light of the recent introduction of the cyber security legislation, the General Data Protection Regulation (GDPR), by the European Union (EU).
It has come from Business Development Officer at the Caribbean Israel Centre for Cyber Defense (CICCD), Daidre Leacock.
The law, which takes effect May 25, 2018, elevates personnel data to the level of being an asset. Under the GDPR, any entity, government or private, that has the information of any EU citizen or business will be mandated to put measures in place to adequately protect the information.
Failure to do so will result in an organisation or company being held liable for any information lost during a cyber-attack, and fined up to four per cent of its global turnover, or up to 20 million euros (US $23.6 million).
In addition, it stipulates that a breach must be reported, as well as the names of those affected, to the data protection authorities in the EU within 72 hours. EU citizens also have the right to have their data erased from an entity’s database.
“There is no room for error ... It has great implications for the region as it is now. Cyber security is no longer an option, it is mandatory for us to get up-to-date,” Leacock warned, emphasising that Caribbean countries were highly vulnerable to hacks.
She advised agencies and companies in Barbados, including those owned by government, which conduct business with European businesses or citizens, to take steps to ensure their compliance, such as training.
“This is not a situation that we can take for granted, especially for offshore companies. While Barbados may have some offshore companies here, they indeed are going to be highly impacted because if any EU citizen is hacked and their information is out there, they [the company – Ed.] will be fined.
“So, the onus is on organisations and companies to become compliant – make sure they have the information ready and data secured. It’s going to be more expensive to pay a fine than to become compliant,” the official stressed.
The CICCD was born out of a partnership between the government of Israel and the Caribbean to build out the region’s capacity to deal with cyber-crime. The Centre works with Barbados, the British Virgin Islands, Trinidad and Tobago, Suriname, Anguilla, St. Maarten and member countries of the Organization of Eastern Caribbean States. ~ Caribbean360 ~
