Benjamin Roseth, senior specialist in modernisation of the state at the Inter-American Development Bank (IDB), has given a comprehensive list of recommendations that businesses can implement to bolster their cybersecurity.

He gave the recommendations as part of his presentation at the PSOJ/IDB EmpowerJA: Building Bridges for Success Forum on Thursday, January 18.

Check out the recommendations below:

1. Employee Training and Awareness

• Implement phishing simulation exercises and awareness courses to educate employees about potential cyber threats.

He as well as other presenters highlighted that human error is always one of the biggest vulnerabilities in an entity. Phishing is a type of social engineering where an attacker masquerades as a trusted entity to trick victims into giving away or granting access to sensitive data.

2. Information asset mapping and risk assessment

• Conduct a thorough assessment of information assets and evaluate potential risks to establish a robust cybersecurity strategy.

3. Software Vigilance

• Utilise only licensed, updated software to mitigate vulnerabilities and stay ahead of potential exploits.

4. Device Protection

• Safeguard devices by employing antivirus or similar protective software to thwart malicious attacks.

Up to 83 per cent of business in Jamaica use anti-virus or similar on company devices and systems and 76 per cent use firewalls.

5. Network Security Measures

• Fortify networks using firewalls, Virtual Private Networks (VPNs), and tools for protection during email and web surfing activities.

6. Mobile Device Security

• Employ encryption, access protection, and security apps to shield mobile devices from cyber threats.

7. Web and Cloud Protection

• Implement robust security measures for online sites and cloud computing accounts to safeguard sensitive information.

8. Wireless Network Security

• Secure wireless networks with encryption and passwords to prevent unauthorized access.

9. User Account Security

• Establish and enforce policies like strong, changing passwords and two-factor authentication to enhance user account security.

10. Access Limitations

• Restrict employee and vendor access to systems, information, and application installations based on necessity.

11. Data Encryption

• Encrypt sensitive information to safeguard it from unauthorized access or interception.

12. Regular Backups and Drills

• Perform automatic regular backups and conduct data restoration drills to ensure data recovery readiness.

13. Incident Response Plan

• Develop and implement an incident response plan to swiftly and effectively address cybersecurity incidents.

According to a study conducted by the IDB in 2023, in the best-case scenario, no more than 53 per cent of Jamaican businesses have an incident response plan in the event of a cyber attack.

14. Payment System Security

• Separate payment systems and adhere to best practices recommended by financial institutions to safeguard financial transactions.

15. Cyber Insurance

• Consider securing cyber insurance to provide an additional layer of protection against potential financial losses due to cyber incidents.